Oval Definition:oval:org.mitre.oval:def:5804
Revision Date:2014-03-24Version:21
Title:HP-UX Running Software Distributor Local Elevation of Privilege
Description:Format string vulnerability in the swask command in HP-UX B.11.11 and possibly other versions allows local users to execute arbitrary code via format string specifiers in the -s argument. NOTE: this might be a duplicate of CVE-2006-2574, but the details relating to CVE-2006-2574 are too vague to be certain.
Family:unixClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2006-5558
Platform(s):HP-UX 11
Product(s):
Definition Synopsis
  • Criteria meets HP Security Bulletin HPSBUX02114
  • HP Release B.11.04
  • AND SW-DIST.SD-CMDS is installed
  • AND NOT Patch PHCO_34814 is installed
  • OR Criteria meets HP Security Bulletin HPSBUX02114
  • HP-UX B.11.23
  • AND SW-DIST.SD-CMDS version is less than B.11.23.0606.045
  • OR Criteria meets HP Security Bulletin HPSBUX02114
  • HP-UX B.11.11
  • AND SW-DIST.SD-CMDS is installed
  • AND NOT Patch PHCO_34539 is installed
  • OR Criteria meets HP Security Bulletin HPSBUX02114
  • HP Release B.11.00
  • AND SW-DIST.SD-CMDS is installed
  • AND NOT Patch PHCO_34568 is installed
    • BACK