Vulnerabilities > CVE-2002-1618 - Unspecified vulnerability in HP Hp-Ux and JFS

CVSS 7.2 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

local

low complexity

NVD

Published: 2002-10-16

Updated: 2017-10-11

Summary

JFS (JFS3.1 and OnlineJFS) in HP-UX 10.20, 11.00, and 11.04 does not properly implement the sticky bit functionality, which could allow attackers to bypass intended restrictions on filesystems.

Vulnerable Configurations

Part	Description	Count
Application	Hp HP JFS 3.1	1
OS	Hp HP HP UX 10.20 HP HP UX 11.00 HP HP UX 11.04	3

Oval

accepted

2008-08-25T04:00:28.948-04:00

class

vulnerability

contributors

name	Michael Wood
organization	Hewlett-Packard

description

JFS (JFS3.1 and OnlineJFS) in HP-UX 10.20, 11.00, and 11.04 does not properly implement the sticky bit functionality, which could allow attackers to bypass intended restrictions on filesystems.

family

unix

oval:org.mitre.oval:def:5700

status

accepted

submitted

2008-07-10T16:22:36.000-04:00

title

OnLineJFS sticky bit does not function properly.

version

Summary

Vulnerable Configurations

Oval

References