HP Tru64 Unix dtmailpr Privilege Escalation Vulnerability - Secunia Advisories - Vulnerability Intelligence

HP Tru64 Unix dtmailpr Privilege Escalation Vulnerability
Secunia Advisory:	SA9990	Advisory Toolbox: Issue ticket Save in to-do list Mark as handled Exploit information Download as PDF Review actions Add comment
Release Date:	2003-10-13
Last Update:	2003-11-19
Popularity:	7,069 views

Critical:	Less critical
Impact:	Privilege escalation
Where:	Local system
Solution Status:	Vendor Patch

OS:	HP Tru64 UNIX 4.x HP Tru64 UNIX 5.x

Subscribe:	Instant alerts on relevant vulnerabilities

Description: HP has reported a vulnerability in Tru64 Unix, which can be exploited by malicious, local users to escalate privileges on a vulnerable system. The vulnerability is caused due to a boundary error in a function called by dtmailpr, which is installed suid. This can be exploited to cause a buffer overflow allowing execution of arbitrary code with escalated privileges. The vulnerability affects all currently supported versions of HP Tru64 UNIX running CDE including versions 5.1B, 5.1A, 5.1, 4.0G, and 4.0F. Solution: Apply ERP kits. HP Tru64 UNIX 5.1B with PK2 (BL22) installed: http://www.itrc.hp.com/service/patch/...hid=T64KIT0019665-V51BB22-ES-20030818 HP Tru64 UNIX 5.1A with PK5 (BL23) installed: http://www.itrc.hp.com/service/patch/...hid=T64KIT0019666-V51AB23-ES-20030818 HP Tru64 UNIX 5.1A with PK4 (BL21) installed: http://www.itrc.hp.com/service/patch/...hid=T64KIT0019667-V51AB21-ES-20030818 HP Tru64 UNIX 5.1 with PK6 (BL20) installed: http://www.itrc.hp.com/service/patch/...chid=T64KIT0019905-V51B20-ES-20030908 HP Tru64 UNIX 4.0G with PK4 (BL22) installed: http://www.itrc.hp.com/service/patch/...hid=T64KIT0019852-V40GB22-ES-20030902 HP Tru64 UNIX 4.0F with PK8 (BL22) installed: http://www.itrc.hp.com/service/patch/...hid=DUXKIT0019851-V40FB22-ES-20030902 Changelog: 2003-11-19: More details available.

Track this Secunia Advisory
Customers of the Secunia Vulnerability Intelligence solutions will automatically receive updates when new information regarding this advisory is released. Read more about our Vulnerability Intelligence solutions and what they can do for you and your company.

About this Secunia Advisory
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise. Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.

Latest Advisories

3rd Dec, 2008

New advisories:	24
New vulnerabilities:	39
Updated advisories:	41

Moderately // 302 views

mvnForum Unspecified Cross-Site Scripting and Request Forgery

Less // 282 views

Debian update for awstats

Moderately // 306 views

Kolab Server ClamAV Multiple Vulnerabilities

Less // 358 views

Movable Type Unspecified Cross-Site Scripting Vulnerability

Moderately // 329 views

Sunbyte e-Flower "id" SQL Injection Vulnerability

Not // 360 views

SUSE update for kernel

Not // 465 views

HP-UX Unspecified Local Denial of Service Vulnerability

Moderately // 401 views

WebGUI Executable Attachments Vulnerability

Moderately // 603 views

SquirrelMail Malformed HTML Mail Message Script Insertion

Less // 591 views

VMware ESX Server update for bzip2

Solutions | More...

Send Feedback to Secunia
If you have new information regarding this Secunia advisory or a product in our database, please send it to us using either our web form or email us at vuln@secunia.com. Ideas, suggestions, and other feedback are most welcome.