Vulnerabilities > CVE-2007-0805 - Information Disclosure vulnerability in HP Tru64 5.1
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
The ps (/usr/ucb/ps) command on HP Tru64 UNIX 5.1 1885 allows local users to obtain sensitive information, including environment variables of arbitrary processes, via the "auxewww" argument, a similar issue to CVE-1999-1587.
Exploit-Db
| description | HP Tru64 Alpha OSF1 v5.1 (ps) Information Leak Exploit. CVE-2007-0805. Local exploit for tru64 platform |
| id | EDB-ID:3273 |
| last seen | 2016-01-31 |
| modified | 2007-02-06 |
| published | 2007-02-06 |
| reporter | bunker |
| source | https://www.exploit-db.com/download/3273/ |
| title | HP Tru64 Alpha OSF1 5.1 - ps Information Leak Exploit |
References
- http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00817515
- http://lists.grok.org.uk/pipermail/full-disclosure/2007-February/052227.html
- http://osvdb.org/33113
- http://rawlab.mindcreations.com/codes/exp/nix/osf1tru64ps.ksh
- http://secunia.com/advisories/24041
- http://secunia.com/advisories/25135
- http://securitytracker.com/id?1017592
- http://www.securityfocus.com/archive/1/459266/100/0/threaded
- http://www.securityfocus.com/archive/1/459275/100/0/threaded
- http://www.securityfocus.com/archive/1/459593/100/200/threaded
- http://www.securitytracker.com/id?1018005
- http://www.vupen.com/english/advisories/2007/1654
- https://exchange.xforce.ibmcloud.com/vulnerabilities/32276