Local Information Disclosure Vulnerability in HP Tru64 UNIX ps Command
CVE-2007-0805

Currently unrated

Key Information:

Vendor: HP
Status: Tru64
Vendor: CVE Published:; 7 February 2007

Summary

The ps command on HP Tru64 UNIX 5.1 1885 is susceptible to an information disclosure vulnerability. Local users can exploit this issue to view sensitive data, including environment variables of any processes running on the system, by utilizing the 'auxewww' argument. This vulnerability mirrors past issues that resulted in similar security concerns, thereby heightening the risks associated with unauthorized access to information within a vulnerable system.

References

http://securitytracker.com/id?1017592

vdb-entryx_refsource_SECTRACK

http://h20000.www2.hp.com/bizsupport/TechSupport/Document...

vendor-advisoryx_refsource_HP

http://www.securityfocus.com/archive/1/459266/100/0/threaded

mailing-listx_refsource_BUGTRAQ

Timeline

Vulnerability published
Feb 7, 2007
Vulnerability Reserved
Feb 7, 2007