CVE-2009-0207 - Local Privilege Escalation vulnerability in HP HP-UX B.11.11/B.11.23/B.11.31
- Attack vector: LOCAL
- Attack complexity: LOW
- Privileges required: SINGLE
- Confidentiality impact: COMPLETE
- Integrity impact: COMPLETE
- Availability impact: COMPLETE

Summary
Unspecified vulnerability in HP-UX B.11.11 running VERITAS Oracle Disk Manager (VRTSodm) 3.5, B.11.23 running VRTSodm 4.1 or VERITAS File System (VRTSvxfs) 4.1, B.11.23 running VRTSodm 5.0 or VRTSvxfs 5.0, and B.11.31 running VRTSodm 5.0 allows local users to gain root privileges via unknown vectors.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
OS | | 3 |
Application | | 5 |
Nessus
- NASL family: HP-UX Local Security Checks
- NASL id: HPUX_PHKL_38795.NASL
- description: s700_800 11.23 VRTS 5.0 MP1RP1 VRTSodm Kernel Patch : A potential security vulnerability has been identified with HP-UX running VRTSvxfs and VRTSodm. The vulnerability could be exploited locally to cause an escalation of privilege. VRTSvxfs and VRTSodm are bundled with Storage Management Suite (SMS) and Storage Management for Oracle (SMO).
- last seen: 2020-06-01
- modified: 2020-06-02
- plugin id: 36062
- published: 2009-03-31
- reporter: This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
- source: https://www.tenable.com/plugins/nessus/36062
- title: HP-UX PHKL_38795 : HP-UX Running VERITAS File System (VRTSvxfs) or VERITAS Oracle Disk Manager (VRTSodm), Local Escalation of Privilege (HPSBUX02409 SSRT080171 rev.3)
- code:

```nasl
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and patch checks in this plugin were
# extracted from HP patch PHKL_38795. The text itself is
# copyright (C) Hewlett-Packard Development Company, L.P.
#

include("compat.inc");

if (description)
{
  script_id(36062);
  script_version("1.12");
  script_cvs_date("Date: 2019/07/10 16:04:14");

  script_cve_id("CVE-2009-0207");
  script_xref(name:"HP", value:"emr_na-c01674733");
  script_xref(name:"HP", value:"HPSBUX02409");
  script_xref(name:"HP", value:"SSRT080171");

  script_name(english:"HP-UX PHKL_38795 : HP-UX Running VERITAS File System (VRTSvxfs) or VERITAS Oracle Disk Manager (VRTSodm), Local Escalation of Privilege (HPSBUX02409 SSRT080171 rev.3)");
  script_summary(english:"Checks for the patch in the swlist output");

  script_set_attribute(
    attribute:"synopsis",
    value:"The remote HP-UX host is missing a security-related patch."
  );
  script_set_attribute(
    attribute:"description",
    value:
"s700_800 11.23 VRTS 5.0 MP1RP1 VRTSodm Kernel Patch : A potential security vulnerability has been identified with HP-UX running VRTSvxfs and VRTSodm. The vulnerability could be exploited locally to cause an escalation of privilege. VRTSvxfs and VRTSodm are bundled with Storage Management Suite (SMS) and Storage Management for Oracle (SMO)."
  );
  # http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01674733
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?6f594e69"
  );
  script_set_attribute(
    attribute:"solution",
    value:"Install patch PHKL_38795 or subsequent."
  );
  script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:hp:hp-ux");
  script_set_attribute(attribute:"vuln_publication_date", value:"2009/03/24");
  script_set_attribute(attribute:"patch_publication_date", value:"2009/03/18");
  script_set_attribute(attribute:"plugin_publication_date", value:"2009/03/31");
  script_set_attribute(attribute:"patch_modification_date", value:"2009/12/12");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"HP-UX Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/HP-UX/version", "Host/HP-UX/swlist");

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("hpux.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/HP-UX/version")) audit(AUDIT_OS_NOT, "HP-UX");
if (!get_kb_item("Host/HP-UX/swlist")) audit(AUDIT_PACKAGE_LIST_MISSING);

if (!hpux_check_ctx(ctx:"11.23"))
{
  exit(0, "The host is not affected since PHKL_38795 applies to a different OS release.");
}

patches = make_list("PHKL_38795", "PHKL_42055", "PHKL_43106", "PHKL_43745");
foreach patch (patches)
{
  if (hpux_installed(app:patch))
  {
    exit(0, "The host is not affected because patch "+patch+" is installed.");
  }
}

flag = 0;
if (hpux_check_patch(app:"VRTSodm.ODM-KRN", version:"5.0.01.00")) flag++;
if (hpux_check_patch(app:"VRTSodm.ODM-KRN", version:"5.0.01.01")) flag++;
if (hpux_check_patch(app:"VRTSodm.ODM-MAN", version:"5.0.01.00")) flag++;
if (hpux_check_patch(app:"VRTSodm.ODM-MAN", version:"5.0.01.01")) flag++;
if (hpux_check_patch(app:"VRTSodm.ODM-RUN", version:"5.0.01.00")) flag++;
if (hpux_check_patch(app:"VRTSodm.ODM-RUN", version:"5.0.01.01")) flag++;

if (flag)
{
  if (report_verbosity > 0) security_warning(port:0, extra:hpux_report_get());
  else security_warning(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
```

- NASL family: HP-UX Local Security Checks
- NASL id: HPUX_PHCO_39103.NASL
- description: s700_800 11.23 VRTS 5.0 MP1RP4 VRTSvxfs Command Patch : A potential security vulnerability has been identified with HP-UX running VRTSvxfs and VRTSodm. The vulnerability could be exploited locally to cause an escalation of privilege. VRTSvxfs and VRTSodm are bundled with Storage Management Suite (SMS) and Storage Management for Oracle (SMO).
- last seen: 2020-06-01
- modified: 2020-06-02
- plugin id: 36058
- published: 2009-03-31
- reporter: This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
- source: https://www.tenable.com/plugins/nessus/36058
- title: HP-UX PHCO_39103 : HP-UX Running VERITAS File System (VRTSvxfs) or VERITAS Oracle Disk Manager (VRTSodm), Local Escalation of Privilege (HPSBUX02409 SSRT080171 rev.3)
- code:

```nasl
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and patch checks in this plugin were
# extracted from HP patch PHCO_39103. The text itself is
# copyright (C) Hewlett-Packard Development Company, L.P.
#

include("compat.inc");

if (description)
{
  script_id(36058);
  script_version("1.16");
  script_cvs_date("Date: 2019/07/10 16:04:14");

  script_cve_id("CVE-2009-0207");
  script_xref(name:"HP", value:"emr_na-c01674733");
  script_xref(name:"HP", value:"HPSBUX02409");
  script_xref(name:"HP", value:"SSRT080171");

  script_name(english:"HP-UX PHCO_39103 : HP-UX Running VERITAS File System (VRTSvxfs) or VERITAS Oracle Disk Manager (VRTSodm), Local Escalation of Privilege (HPSBUX02409 SSRT080171 rev.3)");
  script_summary(english:"Checks for the patch in the swlist output");

  script_set_attribute(
    attribute:"synopsis",
    value:"The remote HP-UX host is missing a security-related patch."
  );
  script_set_attribute(
    attribute:"description",
    value:
"s700_800 11.23 VRTS 5.0 MP1RP4 VRTSvxfs Command Patch : A potential security vulnerability has been identified with HP-UX running VRTSvxfs and VRTSodm. The vulnerability could be exploited locally to cause an escalation of privilege. VRTSvxfs and VRTSodm are bundled with Storage Management Suite (SMS) and Storage Management for Oracle (SMO)."
  );
  # http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01674733
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?6f594e69"
  );
  script_set_attribute(
    attribute:"solution",
    value:"Install patch PHCO_39103 or subsequent."
  );
  script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:hp:hp-ux");
  script_set_attribute(attribute:"vuln_publication_date", value:"2009/03/24");
  script_set_attribute(attribute:"patch_publication_date", value:"2008/12/19");
  script_set_attribute(attribute:"plugin_publication_date", value:"2009/03/31");
  script_set_attribute(attribute:"patch_modification_date", value:"2009/12/12");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"HP-UX Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/HP-UX/version", "Host/HP-UX/swlist");

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("hpux.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/HP-UX/version")) audit(AUDIT_OS_NOT, "HP-UX");
if (!get_kb_item("Host/HP-UX/swlist")) audit(AUDIT_PACKAGE_LIST_MISSING);

if (!hpux_check_ctx(ctx:"11.23"))
{
  exit(0, "The host is not affected since PHCO_39103 applies to a different OS release.");
}

patches = make_list("PHCO_38850", "PHCO_39103", "PHCO_40588", "PHCO_41468", "PHCO_41995", "PHCO_42730", "PHCO_43108", "PHCO_43747", "PHCO_44050");
foreach patch (patches)
{
  if (hpux_installed(app:patch))
  {
    exit(0, "The host is not affected because patch "+patch+" is installed.");
  }
}

flag = 0;
if (hpux_check_patch(app:"VRTSvxfs.VXFS-PRG", version:"5.0.01.04")) flag++;
if (hpux_check_patch(app:"VRTSvxfs.VXFS-PRG", version:"5.0.01.05")) flag++;
if (hpux_check_patch(app:"VRTSvxfs.VXFS-RUN", version:"5.0.01.04")) flag++;
if (hpux_check_patch(app:"VRTSvxfs.VXFS-RUN", version:"5.0.01.05")) flag++;
if (hpux_check_patch(app:"VRTSvxfs.VXFS-RUN-PALIB", version:"5.0.01.04")) flag++;
if (hpux_check_patch(app:"VRTSvxfs.VXFS-RUN-PALIB", version:"5.0.01.05")) flag++;

if (flag)
{
  if (report_verbosity > 0) security_warning(port:0, extra:hpux_report_get());
  else security_warning(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
```

- NASL family: HP-UX Local Security Checks
- NASL id: HPUX_PHKL_39130.NASL
- description: s700_800 11.31 VRTS 5.0 GARP2 VRTSodm Kernel Patch : A potential security vulnerability has been identified with HP-UX running VRTSvxfs and VRTSodm. The vulnerability could be exploited locally to cause an escalation of privilege. VRTSvxfs and VRTSodm are bundled with Storage Management Suite (SMS) and Storage Management for Oracle (SMO).
- last seen: 2020-06-01
- modified: 2020-06-02
- plugin id: 36064
- published: 2009-03-31
- reporter: This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
- source: https://www.tenable.com/plugins/nessus/36064
- title: HP-UX PHKL_39130 : HP-UX Running VERITAS File System (VRTSvxfs) or VERITAS Oracle Disk Manager (VRTSodm), Local Escalation of Privilege (HPSBUX02409 SSRT080171 rev.3)
- code:

```nasl
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and patch checks in this plugin were
# extracted from HP patch PHKL_39130. The text itself is
# copyright (C) Hewlett-Packard Development Company, L.P.
#

include("compat.inc");

if (description)
{
  script_id(36064);
  script_version("1.15");
  script_cvs_date("Date: 2019/07/10 16:04:14");

  script_cve_id("CVE-2009-0207");
  script_xref(name:"HP", value:"emr_na-c01674733");
  script_xref(name:"HP", value:"HPSBUX02409");
  script_xref(name:"HP", value:"SSRT080171");

  script_name(english:"HP-UX PHKL_39130 : HP-UX Running VERITAS File System (VRTSvxfs) or VERITAS Oracle Disk Manager (VRTSodm), Local Escalation of Privilege (HPSBUX02409 SSRT080171 rev.3)");
  script_summary(english:"Checks for the patch in the swlist output");

  script_set_attribute(
    attribute:"synopsis",
    value:"The remote HP-UX host is missing a security-related patch."
  );
  script_set_attribute(
    attribute:"description",
    value:
"s700_800 11.31 VRTS 5.0 GARP2 VRTSodm Kernel Patch : A potential security vulnerability has been identified with HP-UX running VRTSvxfs and VRTSodm. The vulnerability could be exploited locally to cause an escalation of privilege. VRTSvxfs and VRTSodm are bundled with Storage Management Suite (SMS) and Storage Management for Oracle (SMO)."
  );
  # http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01674733
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?6f594e69"
  );
  script_set_attribute(
    attribute:"solution",
    value:"Install patch PHKL_39130 or subsequent."
  );
  script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:hp:hp-ux");
  script_set_attribute(attribute:"vuln_publication_date", value:"2009/03/24");
  script_set_attribute(attribute:"patch_publication_date", value:"2008/12/19");
  script_set_attribute(attribute:"plugin_publication_date", value:"2009/03/31");
  script_set_attribute(attribute:"patch_modification_date", value:"2009/12/12");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"HP-UX Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/HP-UX/version", "Host/HP-UX/swlist");

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("hpux.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/HP-UX/version")) audit(AUDIT_OS_NOT, "HP-UX");
if (!get_kb_item("Host/HP-UX/swlist")) audit(AUDIT_PACKAGE_LIST_MISSING);

if (!hpux_check_ctx(ctx:"11.31"))
{
  exit(0, "The host is not affected since PHKL_39130 applies to a different OS release.");
}

patches = make_list("PHKL_39130", "PHKL_39471", "PHKL_41797", "PHKL_43683", "PHKL_44460");
foreach patch (patches)
{
  if (hpux_installed(app:patch))
  {
    exit(0, "The host is not affected because patch "+patch+" is installed.");
  }
}

flag = 0;
if (hpux_check_patch(app:"VRTSodm.ODM-KRN", version:"5.0.31.0")) flag++;
if (hpux_check_patch(app:"VRTSodm.ODM-MAN", version:"5.0.31.0")) flag++;
if (hpux_check_patch(app:"VRTSodm.ODM-RUN", version:"5.0.31.0")) flag++;

if (flag)
{
  if (report_verbosity > 0) security_warning(port:0, extra:hpux_report_get());
  else security_warning(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
```

- NASL family: HP-UX Local Security Checks
- NASL id: HPUX_PHCO_39132.NASL
- description: s700_800 11.31 VRTS 5.0 GARP3 VRTSvxfs Command Patch : A potential security vulnerability has been identified with HP-UX running VRTSvxfs and VRTSodm. The vulnerability could be exploited locally to cause an escalation of privilege. VRTSvxfs and VRTSodm are bundled with Storage Management Suite (SMS) and Storage Management for Oracle (SMO).
- last seen: 2020-06-01
- modified: 2020-06-02
- plugin id: 36061
- published: 2009-03-31
- reporter: This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
- source: https://www.tenable.com/plugins/nessus/36061
- title: HP-UX PHCO_39132 : HP-UX Running VERITAS File System (VRTSvxfs) or VERITAS Oracle Disk Manager (VRTSodm), Local Escalation of Privilege (HPSBUX02409 SSRT080171 rev.3)

- NASL family: HP-UX Local Security Checks
- NASL id: HPUX_PHCO_39124.NASL
- description: s700_800 11.11 VxFS 3.5-ga15 Command Cumulative Patch 10 : A potential security vulnerability has been identified with HP-UX running VRTSvxfs and VRTSodm. The vulnerability could be exploited locally to cause an escalation of privilege. VRTSvxfs and VRTSodm are bundled with Storage Management Suite (SMS) and Storage Management for Oracle (SMO).
- last seen: 2020-06-01
- modified: 2020-06-02
- plugin id: 36060
- published: 2009-03-31
- reporter: This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
- source: https://www.tenable.com/plugins/nessus/36060
- title: HP-UX PHCO_39124 : HP-UX Running VERITAS File System (VRTSvxfs) or VERITAS Oracle Disk Manager (VRTSodm), Local Escalation of Privilege (HPSBUX02409 SSRT080171 rev.3)

- NASL family: HP-UX Local Security Checks
- NASL id: HPUX_PHCO_39027.NASL
- description: s700_800 11.23 VRTS 4.1 MP2RP4 VRTSvxfs Commands Patch : A potential security vulnerability has been identified with HP-UX running VRTSvxfs and VRTSodm. The vulnerability could be exploited locally to cause an escalation of privilege. VRTSvxfs and VRTSodm are bundled with Storage Management Suite (SMS) and Storage Management for Oracle (SMO).
- last seen: 2020-06-01
- modified: 2020-06-02
- plugin id: 36057
- published: 2009-03-31
- reporter: This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
- source: https://www.tenable.com/plugins/nessus/36057
- title: HP-UX PHCO_39027 : HP-UX Running VERITAS File System (VRTSvxfs) or VERITAS Oracle Disk Manager (VRTSodm), Local Escalation of Privilege (HPSBUX02409 SSRT080171 rev.3)

- NASL family: HP-UX Local Security Checks
- NASL id: HPUX_PHCO_38913.NASL
- description: s700_800 11.31 VRTS 5.0 GARP3 VRTSfsman Command Patch : A potential security vulnerability has been identified with HP-UX running VRTSvxfs and VRTSodm. The vulnerability could be exploited locally to cause an escalation of privilege. VRTSvxfs and VRTSodm are bundled with Storage Management Suite (SMS) and Storage Management for Oracle (SMO).
- last seen: 2020-06-01
- modified: 2020-06-02
- plugin id: 36056
- published: 2009-03-31
- reporter: This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
- source: https://www.tenable.com/plugins/nessus/36056
- title: HP-UX PHCO_38913 : HP-UX Running VERITAS File System (VRTSvxfs) or VERITAS Oracle Disk Manager (VRTSodm), Local Escalation of Privilege (HPSBUX02409 SSRT080171 rev.3)

- NASL family: HP-UX Local Security Checks
- NASL id: HPUX_PHKL_39029.NASL
- description: s700_800 11.23 VRTS 4.1 MP2RP2 VRTSodm Kernel Patch : A potential security vulnerability has been identified with HP-UX running VRTSvxfs and VRTSodm. The vulnerability could be exploited locally to cause an escalation of privilege. VRTSvxfs and VRTSodm are bundled with Storage Management Suite (SMS) and Storage Management for Oracle (SMO).
- last seen: 2020-06-01
- modified: 2020-06-02
- plugin id: 36063
- published: 2009-03-31
- reporter: This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
- source: https://www.tenable.com/plugins/nessus/36063
- title: HP-UX PHKL_39029 : HP-UX Running VERITAS File System (VRTSvxfs) or VERITAS Oracle Disk Manager (VRTSodm), Local Escalation of Privilege (HPSBUX02409 SSRT080171 rev.3)

- NASL family: HP-UX Local Security Checks
- NASL id: HPUX_PHCO_39104.NASL
- description: s700_800 11.23 VRTS 5.0 MP1RP4 VRTSfsman Command Patch : A potential security vulnerability has been identified with HP-UX running VRTSvxfs and VRTSodm. The vulnerability could be exploited locally to cause an escalation of privilege. VRTSvxfs and VRTSodm are bundled with Storage Management Suite (SMS) and Storage Management for Oracle (SMO).
- last seen: 2020-06-01
- modified: 2020-06-02
- plugin id: 36059
- published: 2009-03-31
- reporter: This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
- source: https://www.tenable.com/plugins/nessus/36059
- title: HP-UX PHCO_39104 : HP-UX Running VERITAS File System (VRTSvxfs) or VERITAS Oracle Disk Manager (VRTSodm), Local Escalation of Privilege (HPSBUX02409 SSRT080171 rev.3)

Oval
accepted | 2015-04-20T04:02:31.386-04:00 |
class | vulnerability |
contributors | |
description | Unspecified vulnerability in HP-UX B.11.11 running VERITAS Oracle Disk Manager (VRTSodm) 3.5, B.11.23 running VRTSodm 4.1 or VERITAS File System (VRTSvxfs) 4.1, B.11.23 running VRTSodm 5.0 or VRTSvxfs 5.0, and B.11.31 running VRTSodm 5.0 allows local users to gain root privileges via unknown vectors. |
family | unix |
id | oval:org.mitre.oval:def:6352 |
status | accepted |
submitted | 2009-12-09T14:52:58.000-05:00 |
title | HP-UX Running VERITAS File System (VRTSvxfs) or VERITAS Oracle Disk Manager (VRTSodm), Local Escalation of Privilege |
version | 45 |
References
- http://marc.info/?l=bugtraq&m=123792744311063&w=2
- http://secunia.com/advisories/34419
- http://www.securityfocus.com/bid/34226
- http://www.securitytracker.com/id?1021891
- http://www.vupen.com/english/advisories/2009/0823
- https://exchange.xforce.ibmcloud.com/vulnerabilities/49403
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6352