High

CVE-2002-1618 - Unspecified vulnerability in HP JFS/-UX

Publication: 2002-10-16
Summary

JFS (JFS3.1 and OnlineJFS) in HP-UX 10.20, 11.00, and 11.04 does not properly implement the sticky bit functionality, which could allow attackers to bypass intended restrictions on filesystems.

Risk level (CVSS 7.2)

High

7.2

Access Vector

  • Network
  • Adjacent Network
  • Local

Access Complexity

  • Low
  • Medium
  • High

Authentication

  • None
  • Single
  • Multiple

Confident. Impact

  • Complete
  • Partial
  • None

Integrity Impact

  • Complete
  • Partial
  • None

Affected Products

  • HP JFS 3.1
  • HP HP-UX 10.20
  • HP HP-UX 11.00
  • HP HP-UX 11.04