| Vulnerability Name: | CCN-10330 | ||||||
| Published: | 2002-10-07 | ||||||
| Updated: | 2002-10-07 | ||||||
| Summary: | A vulnerability in the ypserv daemon in HP-UX, HP Tru64 UNIX, and possibly other vendor implementations could allow a local or remote attacker to read files on the system. This vulnerability could allow an attacker to obtain sensitive information that could be used to gain elevated privileges on the system or launch further attacks against the affected server. | ||||||
| CVSS v3 Severity: | 5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
| ||||||
| CVSS v2 Severity: | 5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N)
| ||||||
| Vulnerability Consequences: | Obtain Information | ||||||
| References: | Source: CCN Type: Compaq SECURITY BULLETIN SSRT2339 (ypxfrd) and SSRT2368 (ypserv) HP Tru64 UNIX Potential Security Vulnerability Source: CCN Type: BID-5914 Multiple Platforms ypserv Remote File Disclosure Vulnerability Source: XF Type: UNKNOWN ypserv-file-disclosure(10330) | ||||||
| Vulnerable Configuration: | Configuration CCN 1: Denotes that component is vulnerable | ||||||
| BACK | |||||||