Vulnerabilities > CVE-2004-1328 - Newgrp Local Privilege Escalation vulnerability in HP Hp-Ux 11.00/11.11/11.4
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Unknown vulnerability in newgrp in HP-UX B.11.00, B.11.04, and B.11.11 allows local users to gain elevated privileges.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
OS | 3 |
Nessus
NASL family HP-UX Local Security Checks NASL id HPUX_PHCO_32280.NASL description s700_800 11.04 (VVOS) libpam, libpam_unix cumulative patch : The remote HP-UX host is affected by multiple vulnerabilities : - A potential security vulnerability has been identified with HP-UX systems where the vulnerability may be exploited to allow a local user to increase privilege. (HPSBUX02091 SSRT061099) - A potential vulnerability has been identified with the HP-UX newgrp(1) command that may allow authorized users to elevate privileges. (HPSBUX01102 SSRT4687) last seen 2020-06-01 modified 2020-06-02 plugin id 16962 published 2005-02-16 reporter This script is Copyright (C) 2005-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/16962 title HP-UX PHCO_32280 : s700_800 11.04 (VVOS) libpam, libpam_unix cumulative patch NASL family HP-UX Local Security Checks NASL id HPUX_PHCO_29682.NASL description s700_800 11.00 cumulative newgrp(1) patch : A potential vulnerability has been identified with the HP-UX newgrp(1) command that may allow authorized users to elevate privileges. last seen 2020-06-01 modified 2020-06-02 plugin id 16615 published 2005-02-16 reporter This script is Copyright (C) 2005-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/16615 title HP-UX PHCO_29682 : HP-UX Running newgrp(1), Local Privilege Elevation (HPSBUX01102 SSRT4687 rev.2) NASL family HP-UX Local Security Checks NASL id HPUX_PHCO_26385.NASL description s700_800 11.11 newgrp(1) cumulative patch : A potential vulnerability has been identified with the HP-UX newgrp(1) command that may allow authorized users to elevate privileges. last seen 2020-06-01 modified 2020-06-02 plugin id 16553 published 2005-02-16 reporter This script is Copyright (C) 2005-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/16553 title HP-UX PHCO_26385 : HP-UX Running newgrp(1), Local Privilege Elevation (HPSBUX01102 SSRT4687 rev.2)
Oval
accepted | 2014-03-24T04:01:43.193-04:00 | ||||||||
class | vulnerability | ||||||||
contributors |
| ||||||||
description | Unknown vulnerability in newgrp in HP-UX B.11.00, B.11.04, and B.11.11 allows local users to gain elevated privileges. | ||||||||
family | unix | ||||||||
id | oval:org.mitre.oval:def:5622 | ||||||||
status | accepted | ||||||||
submitted | 2008-07-07T16:38:37.000-04:00 | ||||||||
title | HP-UX Running newgrp(1), Local Privilege Elevation | ||||||||
version | 39 |