Vulnerability Name:

CVE-2006-0436 (CCN-24318)

Assigned:2006-01-25
Published:2006-01-25
Updated:2017-10-11
Summary:Unspecified vulnerability in HP HP-UX B.11.00, B.11.04, and B.11.11 allows local users to gain privileges via unknown attack vectors.
CVSS v3 Severity:9.3 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Changed
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
CVSS v2 Severity:7.2 High (CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
7.2 High (CCN CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
Vulnerability Type:CWE-Other
Vulnerability Consequences:Gain Privileges
References:Source: CCN
Type: Hewlett-Packard Company Security Bulletin HPSBUX02091
SSRT061099 rev.1 - HP-UX Local Increased Privilege

Source: MITRE
Type: CNA
CVE-2006-0436

Source: CCN
Type: SA18596
Avaya PDS HP-UX Unspecified Privilege Escalation

Source: SECUNIA
Type: UNKNOWN
18596

Source: CCN
Type: SA18600
HP-UX Unspecified Privilege Escalation Vulnerability

Source: SECUNIA
Type: UNKNOWN
18600

Source: CCN
Type: SECTRACK ID: 1015530
HP-UX Unspecified Flaw Lets Local Users Gain Elevated Privileges

Source: SECTRACK
Type: Patch
1015530

Source: CONFIRM
Type: UNKNOWN
http://support.avaya.com/elmodocs2/security/ASA-2006-025.htm

Source: CCN
Type: ASA-2006-025
HP-UX Local Increased Privilege (HPSBUX02091)

Source: CCN
Type: OSVDB ID: 22745
HP-UX Unspecified Local Privilege Escalation

Source: CCN
Type: BID-20718
HP-UX LibC TZ Environment Variable Local Buffer Overflow Vulnerability

Source: VUPEN
Type: UNKNOWN
ADV-2006-0322

Source: HP
Type: UNKNOWN
SSRT061099

Source: XF
Type: UNKNOWN
hpux-unspecified-privilege-escalation(24318)

Source: XF
Type: UNKNOWN
hpux-unspecified-privilege-escalation(24318)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:1453

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:1577

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:1586

Vulnerable Configuration:Configuration 1:
  • cpe:/o:hp:hp-ux:11.00:*:*:*:*:*:*:*
  • OR cpe:/o:hp:hp-ux:11.4:*:*:*:*:*:*:*
  • OR cpe:/o:hp:hp-ux:11.11:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/o:hp:hp-ux:b.11.00:*:*:*:*:*:*:*
  • OR cpe:/o:hp:hp-ux:b.11.11:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.mitre.oval:def:1586
    V
    		HP-UX Local Increased Privilege
    2014-03-24
    oval:org.mitre.oval:def:1453
    V
    		HP-UX Shared Library Privilege Escalation Vulnerability (B.11.11)
    2011-05-09
    oval:org.mitre.oval:def:1577
    V
    		HP-UX Shared Library Privilege Escalation Vulnerability (B.11.00)
    2011-05-09
    BACK
    hp hp-ux 11.00
    hp hp-ux 11.4
    hp hp-ux 11.11
    hp hp-ux b.11.00
    hp hp-ux b.11.11