CVE-2006-1248

Unspecified vulnerability in usermod in HP-UX B.11.00, B.11.11, and B.11.23, when run with certain options that involve a new home directory, might cause usermod to change the ownership of all directories and files under the new directory, which might result in less secure permissions than intended.

CVSS v2.0 4.6 MEDIUM

4.6^/10

CVSS v2.0 : MEDIUM

Vector : AV:L/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 3.9 / Impact : 6.4

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c00614838
http://secunia.com/advisories/19305
http://securitytracker.com/id?1015782
http://securitytracker.com/id?1015834
http://www.securityfocus.com/bid/17143
http://www.vupen.com/english/advisories/2006/0997
https://exchange.xforce.ibmcloud.com/vulnerabilities/25311
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1098
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A772
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A785

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:hp:hp-ux:11.00:::::::*
	cpe:2.3:o:hp:hp-ux:11.11:::::::*
	cpe:2.3:o:hp:hp-ux:11.23::ia64_64-bit:::::

History

No history.

Information

Published : 2006-03-17 19:02

Updated : 2023-12-10 10:28

NVD link : CVE-2006-1248

Mitre link : CVE-2006-1248

CVE.ORG link : CVE-2006-1248

JSON object : View

Products Affected

hp

hp-ux

CWE

NVD-CWE-Other

{"id": "CVE-2006-1248", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.6, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": true, "userInteractionRequired": false}]}, "published": "2006-03-17T19:02:00.000", "references": [{"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c00614838", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/19305", "source": "cve@mitre.org"}, {"url": "http://securitytracker.com/id?1015782", "source": "cve@mitre.org"}, {"url": "http://securitytracker.com/id?1015834", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/17143", "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2006/0997", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25311", "source": "cve@mitre.org"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1098", "source": "cve@mitre.org"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A772", "source": "cve@mitre.org"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A785", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in usermod in HP-UX B.11.00, B.11.11, and B.11.23, when run with certain options that involve a new home directory, might cause usermod to change the ownership of all directories and files under the new directory, which might result in less secure permissions than intended."}], "lastModified": "2017-10-11T01:30:42.500", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:hp:hp-ux:11.00:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "771931F7-9180-4EBD-8627-E1CF17D24647"}, {"criteria": "cpe:2.3:o:hp:hp-ux:11.11:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EDD9BE2B-7255-4FC1-B452-E8370632B03F"}, {"criteria": "cpe:2.3:o:hp:hp-ux:11.23:*:ia64_64-bit:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D73D159B-C3D8-4BBD-8BAA-E9E8D3AD3A04"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}