Vulnerabilities > CVE-2005-3779 - Local Unauthorized Access vulnerability in HP Hp-Ux 11.00/11.11/11.23

047910
CVSS 7.2 - HIGH
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
local
low complexity
hp
nessus

Summary

Unspecified vulnerability in xterm for HP-UX 11.00, 11.11, and 11.23 allows local users to gain privileges via unknown vectors.

Vulnerable Configurations

Part Description Count
OS
Hp
3

Nessus

  • NASL familyHP-UX Local Security Checks
    NASL idHPUX_PHSS_34160.NASL
    descriptions700_800 11.00 XClients Patch : A potential security vulnerability has been identified with HP-UX running xterm. The vulnerability could be exploited by a local user to gain unauthorized access.
    last seen2020-06-01
    modified2020-06-02
    plugin id21660
    published2006-06-06
    reporterThis script is Copyright (C) 2006-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/21660
    titleHP-UX PHSS_34160 : HP-UX Running xterm Local Unauthorized Access (HPSBUX02075 SSRT051074 rev.5)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and patch checks in this plugin were 
    # extracted from HP patch PHSS_34160. The text itself is
    # copyright (C) Hewlett-Packard Development Company, L.P.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(21660);
      script_version("1.12");
      script_cvs_date("Date: 2018/08/10 18:07:07");
    
      script_cve_id("CVE-2005-3779");
      script_xref(name:"HP", value:"emr_na-c00555516");
      script_xref(name:"HP", value:"HPSBUX02075");
      script_xref(name:"HP", value:"SSRT051074");
    
      script_name(english:"HP-UX PHSS_34160 : HP-UX Running xterm Local Unauthorized Access (HPSBUX02075 SSRT051074 rev.5)");
      script_summary(english:"Checks for the patch in the swlist output");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote HP-UX host is missing a security-related patch."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "s700_800 11.00 XClients Patch : 
    
    A potential security vulnerability has been identified with HP-UX
    running xterm. The vulnerability could be exploited by a local user to
    gain unauthorized access."
      );
      # http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00555516
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?87667e9c"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Install patch PHSS_34160 or subsequent."
      );
      script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:hp:hp-ux");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2006/04/10");
      script_set_attribute(attribute:"patch_modification_date", value:"2006/05/19");
      script_set_attribute(attribute:"plugin_publication_date", value:"2006/06/06");
      script_set_attribute(attribute:"vuln_publication_date", value:"2005/11/14");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2006-2018 Tenable Network Security, Inc.");
      script_family(english:"HP-UX Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/HP-UX/version", "Host/HP-UX/swlist");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("hpux.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/HP-UX/version")) audit(AUDIT_OS_NOT, "HP-UX");
    if (!get_kb_item("Host/HP-UX/swlist")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    if (!hpux_check_ctx(ctx:"11.00"))
    {
      exit(0, "The host is not affected since PHSS_34160 applies to a different OS release.");
    }
    
    patches = make_list("PHSS_34160");
    foreach patch (patches)
    {
      if (hpux_installed(app:patch))
      {
        exit(0, "The host is not affected because patch "+patch+" is installed.");
      }
    }
    
    
    flag = 0;
    if (hpux_check_patch(app:"X11.X11-JPN-S-MSG", version:"B.11.00")) flag++;
    if (hpux_check_patch(app:"X11.X11-RUN-CL", version:"B.11.00")) flag++;
    if (hpux_check_patch(app:"X11.X11-RUN-CL-MAN", version:"B.11.00")) flag++;
    if (hpux_check_patch(app:"X11.X11-RUN-CT-MAN", version:"B.11.00")) flag++;
    if (hpux_check_patch(app:"X11.X11-RUN-CTRB", version:"B.11.00")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:hpux_report_get());
      else security_hole(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familyHP-UX Local Security Checks
    NASL idHPUX_PHSS_34159.NASL
    descriptions700_800 11.23 XClients Patch : A potential security vulnerability has been identified with HP-UX running xterm. The vulnerability could be exploited by a local user to gain unauthorized access.
    last seen2020-06-01
    modified2020-06-02
    plugin id21553
    published2006-05-13
    reporterThis script is Copyright (C) 2006-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/21553
    titleHP-UX PHSS_34159 : HP-UX Running xterm Local Unauthorized Access (HPSBUX02075 SSRT051074 rev.5)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and patch checks in this plugin were 
    # extracted from HP patch PHSS_34159. The text itself is
    # copyright (C) Hewlett-Packard Development Company, L.P.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(21553);
      script_version("1.13");
      script_cvs_date("Date: 2018/08/10 18:07:07");
    
      script_cve_id("CVE-2005-3779");
      script_xref(name:"HP", value:"emr_na-c00555516");
      script_xref(name:"HP", value:"HPSBUX02075");
      script_xref(name:"HP", value:"SSRT051074");
    
      script_name(english:"HP-UX PHSS_34159 : HP-UX Running xterm Local Unauthorized Access (HPSBUX02075 SSRT051074 rev.5)");
      script_summary(english:"Checks for the patch in the swlist output");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote HP-UX host is missing a security-related patch."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "s700_800 11.23 XClients Patch : 
    
    A potential security vulnerability has been identified with HP-UX
    running xterm. The vulnerability could be exploited by a local user to
    gain unauthorized access."
      );
      # http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00555516
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?87667e9c"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Install patch PHSS_34159 or subsequent."
      );
      script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:hp:hp-ux");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2006/02/23");
      script_set_attribute(attribute:"patch_modification_date", value:"2006/05/19");
      script_set_attribute(attribute:"plugin_publication_date", value:"2006/05/13");
      script_set_attribute(attribute:"vuln_publication_date", value:"2005/11/14");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2006-2018 Tenable Network Security, Inc.");
      script_family(english:"HP-UX Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/HP-UX/version", "Host/HP-UX/swlist");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("hpux.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/HP-UX/version")) audit(AUDIT_OS_NOT, "HP-UX");
    if (!get_kb_item("Host/HP-UX/swlist")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    if (!hpux_check_ctx(ctx:"11.23"))
    {
      exit(0, "The host is not affected since PHSS_34159 applies to a different OS release.");
    }
    
    patches = make_list("PHSS_34159", "PHSS_41912");
    foreach patch (patches)
    {
      if (hpux_installed(app:patch))
      {
        exit(0, "The host is not affected because patch "+patch+" is installed.");
      }
    }
    
    
    flag = 0;
    if (hpux_check_patch(app:"X11.X11-RUN-CL", version:"B.11.23")) flag++;
    if (hpux_check_patch(app:"X11.X11-RUN-CL-MAN", version:"B.11.23")) flag++;
    if (hpux_check_patch(app:"X11.X11-RUN-CT-MAN", version:"B.11.23")) flag++;
    if (hpux_check_patch(app:"X11.X11-RUN-CTRB", version:"B.11.23")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:hpux_report_get());
      else security_hole(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familyHP-UX Local Security Checks
    NASL idHPUX_PHSS_34102.NASL
    descriptions700_800 11.11 XClients Patch : A potential security vulnerability has been identified with HP-UX running xterm. The vulnerability could be exploited by a local user to gain unauthorized access.
    last seen2020-06-01
    modified2020-06-02
    plugin id20397
    published2006-01-11
    reporterThis script is Copyright (C) 2006-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/20397
    titleHP-UX PHSS_34102 : HP-UX Running xterm Local Unauthorized Access (HPSBUX02075 SSRT051074 rev.5)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and patch checks in this plugin were 
    # extracted from HP patch PHSS_34102. The text itself is
    # copyright (C) Hewlett-Packard Development Company, L.P.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(20397);
      script_version("1.14");
      script_cvs_date("Date: 2018/08/10 18:07:07");
    
      script_cve_id("CVE-2005-3779");
      script_xref(name:"HP", value:"emr_na-c00555516");
      script_xref(name:"HP", value:"HPSBUX02075");
      script_xref(name:"HP", value:"SSRT051074");
    
      script_name(english:"HP-UX PHSS_34102 : HP-UX Running xterm Local Unauthorized Access (HPSBUX02075 SSRT051074 rev.5)");
      script_summary(english:"Checks for the patch in the swlist output");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote HP-UX host is missing a security-related patch."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "s700_800 11.11 XClients Patch : 
    
    A potential security vulnerability has been identified with HP-UX
    running xterm. The vulnerability could be exploited by a local user to
    gain unauthorized access."
      );
      # http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00555516
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?87667e9c"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Install patch PHSS_34102 or subsequent."
      );
      script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:hp:hp-ux");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2005/12/23");
      script_set_attribute(attribute:"patch_modification_date", value:"2006/05/19");
      script_set_attribute(attribute:"plugin_publication_date", value:"2006/01/11");
      script_set_attribute(attribute:"vuln_publication_date", value:"2005/11/14");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2006-2018 Tenable Network Security, Inc.");
      script_family(english:"HP-UX Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/HP-UX/version", "Host/HP-UX/swlist");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("hpux.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/HP-UX/version")) audit(AUDIT_OS_NOT, "HP-UX");
    if (!get_kb_item("Host/HP-UX/swlist")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    if (!hpux_check_ctx(ctx:"11.11"))
    {
      exit(0, "The host is not affected since PHSS_34102 applies to a different OS release.");
    }
    
    patches = make_list("PHSS_34102");
    foreach patch (patches)
    {
      if (hpux_installed(app:patch))
      {
        exit(0, "The host is not affected because patch "+patch+" is installed.");
      }
    }
    
    
    flag = 0;
    if (hpux_check_patch(app:"X11.X11-JPN-S-MSG", version:"B.11.11")) flag++;
    if (hpux_check_patch(app:"X11.X11-RUN-CL", version:"B.11.11")) flag++;
    if (hpux_check_patch(app:"X11.X11-RUN-CL-MAN", version:"B.11.11")) flag++;
    if (hpux_check_patch(app:"X11.X11-RUN-CT-MAN", version:"B.11.11")) flag++;
    if (hpux_check_patch(app:"X11.X11-RUN-CTRB", version:"B.11.11")) flag++;
    if (hpux_check_patch(app:"X11.X11-TCH-B-MSG", version:"B.11.11")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:hpux_report_get());
      else security_hole(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    

Oval

  • accepted2011-05-09T04:01:11.319-04:00
    classvulnerability
    contributors
    • nameRobert L. Hollis
      organizationThreatGuard, Inc.
    • nameMatthew Wojcik
      organizationThe MITRE Corporation
    • nameTodd Dolinsky
      organizationOpsware, Inc.
    • nameShane Shaffer
      organizationG2, Inc.
    descriptionUnspecified vulnerability in xterm for HP-UX 11.00, 11.11, and 11.23 allows local users to gain privileges via unknown vectors.
    familyunix
    idoval:org.mitre.oval:def:1461
    statusaccepted
    submitted2006-01-11T12:55:00.000-04:00
    titleHP-UX xterm Privilege Escalation Vulnerability (B.11.11)
    version38
  • accepted2014-03-24T04:01:49.414-04:00
    classvulnerability
    contributors
    • nameRobert L. Hollis
      organizationThreatGuard, Inc.
    • nameTodd Dolinsky
      organizationOpsware, Inc.
    • nameMichael Wood
      organizationHewlett-Packard
    • nameSushant Kumar Singh
      organizationHewlett-Packard
    • nameSushant Kumar Singh
      organizationHewlett-Packard
    descriptionUnspecified vulnerability in xterm for HP-UX 11.00, 11.11, and 11.23 allows local users to gain privileges via unknown vectors.
    familyunix
    idoval:org.mitre.oval:def:598
    statusaccepted
    submitted2005-11-30T12:00:00.000-04:00
    titleHP-UX Running xterm Local Unauthorized Access
    version40