Vulnerabilities > CVE-2006-5558 - Local Format String vulnerability in HP-UX Software Distributor SWAsk
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Format string vulnerability in the swask command in HP-UX B.11.11 and possibly other versions allows local users to execute arbitrary code via format string specifiers in the -s argument. NOTE: this might be a duplicate of CVE-2006-2574, but the details relating to CVE-2006-2574 are too vague to be certain.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| OS | 4 |
Exploit-Db
| description | HP-UX 11i (swask) Format String Local Root Exploit. CVE-2006-5558. Local exploit for hp-ux platform |
| file | exploits/hp-ux/local/2635.c |
| id | EDB-ID:2635 |
| last seen | 2016-01-31 |
| modified | 2006-10-24 |
| platform | hp-ux |
| port | |
| published | 2006-10-24 |
| reporter | prdelka |
| source | https://www.exploit-db.com/download/2635/ |
| title | HP-UX 11i swask Format String Local Root Exploit |
| type | local |
Oval
| accepted | 2014-03-24T04:01:47.756-04:00 | ||||||||||||
| class | vulnerability | ||||||||||||
| contributors |
| ||||||||||||
| description | Format string vulnerability in the swask command in HP-UX B.11.11 and possibly other versions allows local users to execute arbitrary code via format string specifiers in the -s argument. NOTE: this might be a duplicate of CVE-2006-2574, but the details relating to CVE-2006-2574 are too vague to be certain. | ||||||||||||
| family | unix | ||||||||||||
| id | oval:org.mitre.oval:def:5804 | ||||||||||||
| status | accepted | ||||||||||||
| submitted | 2008-07-08T17:01:37.000-04:00 | ||||||||||||
| title | HP-UX Running Software Distributor Local Elevation of Privilege | ||||||||||||
| version | 40 |