Buffer Overflow in POSIX Threads Library on HP Tru64 UNIX
CVE-2006-6418

Currently unrated

Key Information:

Vendor: HP
Status: Tru64
Vendor: CVE Published:; 10 December 2006

Summary

A buffer overflow exists in the POSIX Threads library (libpthread) on HP Tru64 UNIX systems. This vulnerability allows a local user to exploit a long PTHREAD_CONFIG environment variable, potentially gaining root access and compromising system integrity. It affects specific versions, making it critical for users to apply patches and review system configurations to prevent unauthorized privilege escalation.

References

http://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c...

vendor-advisoryx_refsource_HP

http://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c...

vendor-advisoryx_refsource_HP

http://www.vupen.com/english/advisories/2006/4483

vdb-entryx_refsource_VUPEN

Timeline

Vulnerability published
Dec 10, 2006
Vulnerability Reserved
Dec 9, 2006