CVE-2008-1660

medium
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

Unspecified vulnerability in useradd on HP-UX B.11.11, B.11.23, and B.11.31 allows local users to access arbitrary files and directories via unspecified vectors.

References

http://marc.info/?l=bugtraq&m=121130252706976&w=2

http://secunia.com/advisories/30308

http://securitytracker.com/id?1020045

http://www.securityfocus.com/bid/29286

http://www.vupen.com/english/advisories/2008/1570

https://exchange.xforce.ibmcloud.com/vulnerabilities/42523

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5558

Details

Source: MITRE

Published: 2008-05-21

Updated: 2017-09-29

Risk Information

CVSS v2

Base Score: 6.3

Vector: AV:L/AC:M/Au:N/C:C/I:C/A:N

Impact Score: 9.2

Exploitability Score: 3.4

Severity: MEDIUM

Tenable Plugins

View all (3 total)

IDNameProductFamilySeverity
32453HP-UX PHCO_37291 : HP-UX Running useradd(1M), Local Unauthorized Access (HPSBUX02335 SSRT071454 rev.2)NessusHP-UX Local Security Checks
medium
32452HP-UX PHCO_37290 : HP-UX Running useradd(1M), Local Unauthorized Access (HPSBUX02335 SSRT071454 rev.2)NessusHP-UX Local Security Checks
medium
32451HP-UX PHCO_36953 : HP-UX Running useradd(1M), Local Unauthorized Access (HPSBUX02335 SSRT071454 rev.2)NessusHP-UX Local Security Checks
medium