CVE-2006-1248 - Unspecified vulnerability in HP HP-UX 11.00/11.11/11.23
- Attack vector: UNKNOWN
- Attack complexity: UNKNOWN
- Privileges required: UNKNOWN
- Confidentiality impact: UNKNOWN
- Integrity impact: UNKNOWN
- Availability impact: UNKNOWN
Summary
Unspecified vulnerability in usermod in HP-UX B.11.00, B.11.11, and B.11.23, when run with certain options that involve a new home directory, might cause usermod to change the ownership of all directories and files under the new directory, which might result in less secure permissions than intended.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
OS | | 3 |
Nessus
- NASL family: HP-UX Local Security Checks
- NASL id: HPUX_PHCO_33142.NASL
- description: s700_800 11.11 ugm cumulative patch : A vulnerability has been identified with certain versions of the HP-UX usermod(1M) command. A certain combination of options can result in recursively changing the ownership of all directories and files under a user
- last seen: 2020-06-01
- modified: 2020-06-02
- plugin id: 21103
- published: 2006-03-21
- reporter: This script is Copyright (C) 2006-2018 Tenable Network Security, Inc.
- source: https://www.tenable.com/plugins/nessus/21103
- title: HP-UX PHCO_33142 : HP-UX usermod(1M) Local Unauthorized Access. (HPSBUX02102 SSRT051078 rev.4)
- code:

```
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and patch checks in this plugin were
# extracted from HP patch PHCO_33142. The text itself is
# copyright (C) Hewlett-Packard Development Company, L.P.
#

include("compat.inc");

if (description)
{
  script_id(21103);
  script_version("1.16");
  script_cvs_date("Date: 2018/08/10 18:07:07");

  script_cve_id("CVE-2006-1248");
  script_xref(name:"HP", value:"emr_na-c00614838");
  script_xref(name:"HP", value:"HPSBUX02102");
  script_xref(name:"HP", value:"SSRT051078");

  script_name(english:"HP-UX PHCO_33142 : HP-UX usermod(1M) Local Unauthorized Access. (HPSBUX02102 SSRT051078 rev.4)");
  script_summary(english:"Checks for the patch in the swlist output");

  script_set_attribute(
    attribute:"synopsis",
    value:"The remote HP-UX host is missing a security-related patch."
  );
  script_set_attribute(
    attribute:"description",
    value:"s700_800 11.11 ugm cumulative patch : A vulnerability has been identified with certain versions of the HP-UX usermod(1M) command. A certain combination of options can result in recursively changing the ownership of all directories and files under a user's new home directory. This may result in unauthorized access to these directories and files."
  );
  # http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00614838
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?db51d206"
  );
  script_set_attribute(
    attribute:"solution",
    value:"Install patch PHCO_33142 or subsequent."
  );
  script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:hp:hp-ux");
  script_set_attribute(attribute:"patch_publication_date", value:"2006/03/13");
  script_set_attribute(attribute:"patch_modification_date", value:"2006/09/05");
  script_set_attribute(attribute:"plugin_publication_date", value:"2006/03/21");
  script_set_attribute(attribute:"vuln_publication_date", value:"2006/03/13");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2006-2018 Tenable Network Security, Inc.");
  script_family(english:"HP-UX Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/HP-UX/version", "Host/HP-UX/swlist");

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("hpux.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/HP-UX/version")) audit(AUDIT_OS_NOT, "HP-UX");
if (!get_kb_item("Host/HP-UX/swlist")) audit(AUDIT_PACKAGE_LIST_MISSING);

if (!hpux_check_ctx(ctx:"11.11"))
{
  exit(0, "The host is not affected since PHCO_33142 applies to a different OS release.");
}

patches = make_list("PHCO_33142", "PHCO_35732", "PHCO_37290", "PHCO_38492");
foreach patch (patches)
{
  if (hpux_installed(app:patch))
  {
    exit(0, "The host is not affected because patch "+patch+" is installed.");
  }
}

flag = 0;
if (hpux_check_patch(app:"OS-Core.ADMN-ENG-A-MAN", version:"B.11.11")) flag++;
if (hpux_check_patch(app:"OS-Core.SYS-ADMIN", version:"B.11.11")) flag++;

if (flag)
{
  if (report_verbosity > 0) security_warning(port:0, extra:hpux_report_get());
  else security_warning(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
```

- NASL family: HP-UX Local Security Checks
- NASL id: HPUX_PHCO_34763.NASL
- description: s700_800 11.00 user/group(add/mod/del)(1M) cumulative patch : A vulnerability has been identified with certain versions of the HP-UX usermod(1M) command. A certain combination of options can result in recursively changing the ownership of all directories and files under a user
- last seen: 2020-06-01
- modified: 2020-06-02
- plugin id: 22328
- published: 2006-09-12
- reporter: This script is Copyright (C) 2006-2018 Tenable Network Security, Inc.
- source: https://www.tenable.com/plugins/nessus/22328
- title: HP-UX PHCO_34763 : HP-UX usermod(1M) Local Unauthorized Access. (HPSBUX02102 SSRT051078 rev.4)
- code:

```
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and patch checks in this plugin were
# extracted from HP patch PHCO_34763. The text itself is
# copyright (C) Hewlett-Packard Development Company, L.P.
#

include("compat.inc");

if (description)
{
  script_id(22328);
  script_version("1.12");
  script_cvs_date("Date: 2018/08/10 18:07:07");

  script_cve_id("CVE-2006-1248");
  script_xref(name:"HP", value:"emr_na-c00614838");
  script_xref(name:"HP", value:"HPSBUX02102");
  script_xref(name:"HP", value:"SSRT051078");

  script_name(english:"HP-UX PHCO_34763 : HP-UX usermod(1M) Local Unauthorized Access. (HPSBUX02102 SSRT051078 rev.4)");
  script_summary(english:"Checks for the patch in the swlist output");

  script_set_attribute(
    attribute:"synopsis",
    value:"The remote HP-UX host is missing a security-related patch."
  );
  script_set_attribute(
    attribute:"description",
    value:"s700_800 11.00 user/group(add/mod/del)(1M) cumulative patch : A vulnerability has been identified with certain versions of the HP-UX usermod(1M) command. A certain combination of options can result in recursively changing the ownership of all directories and files under a user's new home directory. This may result in unauthorized access to these directories and files."
  );
  # http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00614838
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?db51d206"
  );
  script_set_attribute(
    attribute:"solution",
    value:"Install patch PHCO_34763 or subsequent."
  );
  script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:hp:hp-ux");
  script_set_attribute(attribute:"patch_publication_date", value:"2006/05/30");
  script_set_attribute(attribute:"patch_modification_date", value:"2006/09/05");
  script_set_attribute(attribute:"plugin_publication_date", value:"2006/09/12");
  script_set_attribute(attribute:"vuln_publication_date", value:"2006/03/13");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2006-2018 Tenable Network Security, Inc.");
  script_family(english:"HP-UX Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/HP-UX/version", "Host/HP-UX/swlist");

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("hpux.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/HP-UX/version")) audit(AUDIT_OS_NOT, "HP-UX");
if (!get_kb_item("Host/HP-UX/swlist")) audit(AUDIT_PACKAGE_LIST_MISSING);

if (!hpux_check_ctx(ctx:"11.00"))
{
  exit(0, "The host is not affected since PHCO_34763 applies to a different OS release.");
}

patches = make_list("PHCO_34763");
foreach patch (patches)
{
  if (hpux_installed(app:patch))
  {
    exit(0, "The host is not affected because patch "+patch+" is installed.");
  }
}

flag = 0;
if (hpux_check_patch(app:"OS-Core.ADMN-ENG-A-MAN", version:"B.11.00")) flag++;
if (hpux_check_patch(app:"OS-Core.SYS-ADMIN", version:"B.11.00")) flag++;

if (flag)
{
  if (report_verbosity > 0) security_warning(port:0, extra:hpux_report_get());
  else security_warning(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
```

- NASL family: HP-UX Local Security Checks
- NASL id: HPUX_PHCO_34764.NASL
- description: s700_800 11.23 ugm cumulative patch : A vulnerability has been identified with certain versions of the HP-UX usermod(1M) command. A certain combination of options can result in recursively changing the ownership of all directories and files under a user
- last seen: 2020-06-01
- modified: 2020-06-02
- plugin id: 22329
- published: 2006-09-12
- reporter: This script is Copyright (C) 2006-2018 Tenable Network Security, Inc.
- source: https://www.tenable.com/plugins/nessus/22329
- title: HP-UX PHCO_34764 : HP-UX usermod(1M) Local Unauthorized Access. (HPSBUX02102 SSRT051078 rev.4)
- code:

```
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and patch checks in this plugin were
# extracted from HP patch PHCO_34764. The text itself is
# copyright (C) Hewlett-Packard Development Company, L.P.
#

include("compat.inc");

if (description)
{
  script_id(22329);
  script_version("1.16");
  script_cvs_date("Date: 2018/08/10 18:07:07");

  script_cve_id("CVE-2006-1248");
  script_xref(name:"HP", value:"emr_na-c00614838");
  script_xref(name:"HP", value:"HPSBUX02102");
  script_xref(name:"HP", value:"SSRT051078");

  script_name(english:"HP-UX PHCO_34764 : HP-UX usermod(1M) Local Unauthorized Access. (HPSBUX02102 SSRT051078 rev.4)");
  script_summary(english:"Checks for the patch in the swlist output");

  script_set_attribute(
    attribute:"synopsis",
    value:"The remote HP-UX host is missing a security-related patch."
  );
  script_set_attribute(
    attribute:"description",
    value:"s700_800 11.23 ugm cumulative patch : A vulnerability has been identified with certain versions of the HP-UX usermod(1M) command. A certain combination of options can result in recursively changing the ownership of all directories and files under a user's new home directory. This may result in unauthorized access to these directories and files."
  );
  # http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00614838
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?db51d206"
  );
  script_set_attribute(
    attribute:"solution",
    value:"Install patch PHCO_34764 or subsequent."
  );
  script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:hp:hp-ux");
  script_set_attribute(attribute:"patch_publication_date", value:"2006/07/18");
  script_set_attribute(attribute:"patch_modification_date", value:"2006/09/05");
  script_set_attribute(attribute:"plugin_publication_date", value:"2006/09/12");
  script_set_attribute(attribute:"vuln_publication_date", value:"2006/03/13");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2006-2018 Tenable Network Security, Inc.");
  script_family(english:"HP-UX Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/HP-UX/version", "Host/HP-UX/swlist");

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("hpux.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/HP-UX/version")) audit(AUDIT_OS_NOT, "HP-UX");
if (!get_kb_item("Host/HP-UX/swlist")) audit(AUDIT_PACKAGE_LIST_MISSING);

if (!hpux_check_ctx(ctx:"11.23"))
{
  exit(0, "The host is not affected since PHCO_34764 applies to a different OS release.");
}

patches = make_list("PHCO_34764", "PHCO_35874", "PHCO_36239", "PHCO_37178", "PHCO_37291", "PHCO_38491", "PHCO_43189");
foreach patch (patches)
{
  if (hpux_installed(app:patch))
  {
    exit(0, "The host is not affected because patch "+patch+" is installed.");
  }
}

flag = 0;
if (hpux_check_patch(app:"OS-Core.ADMN-ENG-A-MAN", version:"B.11.23")) flag++;
if (hpux_check_patch(app:"OS-Core.SYS-ADMIN", version:"B.11.23")) flag++;
if (hpux_check_patch(app:"OS-Core.SYS2-ADMIN", version:"B.11.23")) flag++;

if (flag)
{
  if (report_verbosity > 0) security_warning(port:0, extra:hpux_report_get());
  else security_warning(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
```

Oval
- accepted: 2007-02-20T13:39:29.984-05:00
- class: vulnerability
- contributors:
  - name: Robert L. Hollis, organization: ThreatGuard, Inc.
  - name: Nabil Ouchn, organization: Security-Database
- description: Unspecified vulnerability in usermod in HP-UX B.11.00, B.11.11, and B.11.23, when run with certain options that involve a new home directory, might cause usermod to change the ownership of all directories and files under the new directory, which might result in less secure permissions than intended.
- family: unix
- id: oval:org.mitre.oval:def:1098
- status: accepted
- submitted: 2006-03-18T07:24:00.000-04:00
- title: usermod Recursive Ownership Error (B.11.23)
- version: 36

- accepted: 2007-04-10T13:44:28.730-04:00
- class: vulnerability
- contributors:
  - name: Robert L. Hollis, organization: ThreatGuard, Inc.
  - name: Robert L. Hollis, organization: ThreatGuard, Inc.
  - name: Nabil Ouchn, organization: Security-Database
- description: Unspecified vulnerability in usermod in HP-UX B.11.00, B.11.11, and B.11.23, when run with certain options that involve a new home directory, might cause usermod to change the ownership of all directories and files under the new directory, which might result in less secure permissions than intended.
- family: unix
- id: oval:org.mitre.oval:def:772
- status: accepted
- submitted: 2006-03-18T07:24:00.000-04:00
- title: HP-UX Usermod Local Unauthorized Access Vulnerability instead of usermod Recursive Ownership Error.
- version: 36

- accepted: 2014-03-24T04:01:57.674-04:00
- class: vulnerability
- contributors:
  - name: Robert L. Hollis, organization: ThreatGuard, Inc.
  - name: Robert L. Hollis, organization: ThreatGuard, Inc.
  - name: Todd Dolinsky, organization: Opsware, Inc.
  - name: Michael Wood, organization: Hewlett-Packard
  - name: Sushant Kumar Singh, organization: Hewlett-Packard
  - name: Sushant Kumar Singh, organization: Hewlett-Packard
- description: Unspecified vulnerability in usermod in HP-UX B.11.00, B.11.11, and B.11.23, when run with certain options that involve a new home directory, might cause usermod to change the ownership of all directories and files under the new directory, which might result in less secure permissions than intended.
- family: unix
- id: oval:org.mitre.oval:def:785
- status: accepted
- submitted: 2006-03-18T07:24:00.000-04:00
- title: HP-UX usermod(1M) Local Unauthorized Access.
- version: 43

References
- http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c00614838
- http://secunia.com/advisories/19305
- http://securitytracker.com/id?1015782
- http://securitytracker.com/id?1015834
- http://www.securityfocus.com/bid/17143
- http://www.vupen.com/english/advisories/2006/0997
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25311
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1098
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A772
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A785