Vulnerabilities > CVE-2009-4184 - Privilege Escalation vulnerability in HP Enterprise Cluster Master Toolkit B.05.00
Attack vector
LOCAL Attack complexity
LOW Privileges required
SINGLE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
NONE Summary
Unspecified vulnerability in HP Enterprise Cluster Master Toolkit (ECMT) B.05.00 on HP-UX B.11.23 (11i v2) and HP-UX B.11.31 (11i v3) allows local users to gain access to an Oracle or Sybase database via unknown vectors.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 | |
| OS | 2 |
Nessus
NASL family HP-UX Local Security Checks NASL id HPUX_PHSS_40229.NASL description s700_800 11.23 ECMT B.05.00 patch : A potential security vulnerability has been identified on HP Enterprise Cluster Master Toolkit (ECMT) version B.05.00 running on HP-UX. This vulnerability could be exploited by local users to gain unauthorized access. last seen 2020-06-01 modified 2020-06-02 plugin id 44404 published 2010-02-08 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/44404 title HP-UX PHSS_40229 : HP Enterprise Cluster Master Toolkit (ECMT) running on HP-UX, Local Unauthorized Access (HPSBUX02464 SSRT090210 rev.1) code # # (C) Tenable Network Security, Inc. # # The descriptive text and patch checks in this plugin were # extracted from HP patch PHSS_40229. The text itself is # copyright (C) Hewlett-Packard Development Company, L.P. # include("compat.inc"); if (description) { script_id(44404); script_version("1.12"); script_cvs_date("Date: 2019/07/10 16:04:14"); script_cve_id("CVE-2009-4184"); script_xref(name:"HP", value:"emr_na-c01894850"); script_xref(name:"HP", value:"HPSBUX02464"); script_xref(name:"HP", value:"SSRT090210"); script_name(english:"HP-UX PHSS_40229 : HP Enterprise Cluster Master Toolkit (ECMT) running on HP-UX, Local Unauthorized Access (HPSBUX02464 SSRT090210 rev.1)"); script_summary(english:"Checks for the patch in the swlist output"); script_set_attribute( attribute:"synopsis", value:"The remote HP-UX host is missing a security-related patch." ); script_set_attribute( attribute:"description", value: "s700_800 11.23 ECMT B.05.00 patch : A potential security vulnerability has been identified on HP Enterprise Cluster Master Toolkit (ECMT) version B.05.00 running on HP-UX. This vulnerability could be exploited by local users to gain unauthorized access." ); # http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01894850 script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?2836dd8b" ); script_set_attribute( attribute:"solution", value:"Install patch PHSS_40229 or subsequent." ); script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:N"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/o:hp:hp-ux"); script_set_attribute(attribute:"vuln_publication_date", value:"2010/02/03"); script_set_attribute(attribute:"patch_publication_date", value:"2010/02/02"); script_set_attribute(attribute:"plugin_publication_date", value:"2010/02/08"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"HP-UX Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/HP-UX/version", "Host/HP-UX/swlist"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("hpux.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/HP-UX/version")) audit(AUDIT_OS_NOT, "HP-UX"); if (!get_kb_item("Host/HP-UX/swlist")) audit(AUDIT_PACKAGE_LIST_MISSING); if (!hpux_check_ctx(ctx:"11.23")) { exit(0, "The host is not affected since PHSS_40229 applies to a different OS release."); } patches = make_list("PHSS_40229", "PHSS_40791", "PHSS_40986", "PHSS_41315"); foreach patch (patches) { if (hpux_installed(app:patch)) { exit(0, "The host is not affected because patch "+patch+" is installed."); } } flag = 0; if (hpux_check_patch(app:"SG-Oracle-Tool.CM-ORACLE", version:"B.05.00")) flag++; if (hpux_check_patch(app:"SG-Sybase-Tool.CM-SYBASE", version:"B.05.00")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:hpux_report_get()); else security_warning(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");NASL family HP-UX Local Security Checks NASL id HPUX_PHSS_40230.NASL description s700_800 11.31 ECMT B.05.00 patch : A potential security vulnerability has been identified on HP Enterprise Cluster Master Toolkit (ECMT) version B.05.00 running on HP-UX. This vulnerability could be exploited by local users to gain unauthorized access. last seen 2020-06-01 modified 2020-06-02 plugin id 44405 published 2010-02-08 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/44405 title HP-UX PHSS_40230 : HP Enterprise Cluster Master Toolkit (ECMT) running on HP-UX, Local Unauthorized Access (HPSBUX02464 SSRT090210 rev.1) code # # (C) Tenable Network Security, Inc. # # The descriptive text and patch checks in this plugin were # extracted from HP patch PHSS_40230. The text itself is # copyright (C) Hewlett-Packard Development Company, L.P. # include("compat.inc"); if (description) { script_id(44405); script_version("1.12"); script_cvs_date("Date: 2019/07/10 16:04:14"); script_cve_id("CVE-2009-4184"); script_xref(name:"HP", value:"emr_na-c01894850"); script_xref(name:"HP", value:"HPSBUX02464"); script_xref(name:"HP", value:"SSRT090210"); script_name(english:"HP-UX PHSS_40230 : HP Enterprise Cluster Master Toolkit (ECMT) running on HP-UX, Local Unauthorized Access (HPSBUX02464 SSRT090210 rev.1)"); script_summary(english:"Checks for the patch in the swlist output"); script_set_attribute( attribute:"synopsis", value:"The remote HP-UX host is missing a security-related patch." ); script_set_attribute( attribute:"description", value: "s700_800 11.31 ECMT B.05.00 patch : A potential security vulnerability has been identified on HP Enterprise Cluster Master Toolkit (ECMT) version B.05.00 running on HP-UX. This vulnerability could be exploited by local users to gain unauthorized access." ); # http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01894850 script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?2836dd8b" ); script_set_attribute( attribute:"solution", value:"Install patch PHSS_40230 or subsequent." ); script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:N"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/o:hp:hp-ux"); script_set_attribute(attribute:"vuln_publication_date", value:"2010/02/03"); script_set_attribute(attribute:"patch_publication_date", value:"2010/02/02"); script_set_attribute(attribute:"plugin_publication_date", value:"2010/02/08"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"HP-UX Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/HP-UX/version", "Host/HP-UX/swlist"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("hpux.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/HP-UX/version")) audit(AUDIT_OS_NOT, "HP-UX"); if (!get_kb_item("Host/HP-UX/swlist")) audit(AUDIT_PACKAGE_LIST_MISSING); if (!hpux_check_ctx(ctx:"11.31")) { exit(0, "The host is not affected since PHSS_40230 applies to a different OS release."); } patches = make_list("PHSS_40230", "PHSS_40792", "PHSS_40987", "PHSS_41316"); foreach patch (patches) { if (hpux_installed(app:patch)) { exit(0, "The host is not affected because patch "+patch+" is installed."); } } flag = 0; if (hpux_check_patch(app:"SG-Oracle-Tool.CM-ORACLE", version:"B.05.00")) flag++; if (hpux_check_patch(app:"SG-Sybase-Tool.CM-SYBASE", version:"B.05.00")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:hpux_report_get()); else security_warning(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");
Oval
accepted 2015-04-20T04:00:17.778-04:00 class vulnerability contributors name Aslesha Nargolkar organization Hewlett-Packard name Sushant Kumar Singh organization Hewlett-Packard name Prashant Kumar organization Hewlett-Packard name Mike Cokus organization The MITRE Corporation
description Unspecified vulnerability in HP Enterprise Cluster Master Toolkit (ECMT) B.05.00 on HP-UX B.11.23 (11i v2) and HP-UX B.11.31 (11i v3) allows local users to gain access to an Oracle or Sybase database via unknown vectors. family unix id oval:org.mitre.oval:def:12172 status accepted submitted 2010-10-25T11:54:30.000-05:00 title HP Enterprise Cluster Master Toolkit (ECMT) running on HP-UX, Local Unauthorized Access version 48 accepted 2015-04-20T04:02:37.718-04:00 class vulnerability contributors name Pai Peng organization Hewlett-Packard name Sushant Kumar Singh organization Hewlett-Packard name Prashant Kumar organization Hewlett-Packard name Mike Cokus organization The MITRE Corporation
description Unspecified vulnerability in HP Enterprise Cluster Master Toolkit (ECMT) B.05.00 on HP-UX B.11.23 (11i v2) and HP-UX B.11.31 (11i v3) allows local users to gain access to an Oracle or Sybase database via unknown vectors. family unix id oval:org.mitre.oval:def:8305 status accepted submitted 2010-03-23T16:01:39.000-04:00 title HP Enterprise Cluster Master Toolkit (ECMT) running on HP-UX, Local Unauthorized Access version 46
References
- http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01894850
- http://secunia.com/advisories/38423
- http://www.securityfocus.com/bid/38035
- http://www.securitytracker.com/id?1023523
- http://www.vupen.com/english/advisories/2010/0272
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12172
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8305