{"vuid":"VU#314776","idnumber":"314776","name":"Hewlett Packard HP-UX pcltotiff is installed with insecure permissions","keywords":["Hewlett PackardHP-UX","pcltotiff","HPSBUX0104-149"],"overview":"The utility pcltotiff is installed with insecure permissions on some Hewlett Packard systems.","clean_desc":"The HP utility pcltotiff is installed with sgid bin permissions in order to read files  in /usr/lib/X11/fonts/ifo.st/typefaces/. This gives more permissions to pcltotiff than are required. For more information, see HP Security Bulletin HPSBUX0104-149.","impact":"The complete impact of this vulnerability is not yet known. Hewlett Packard lists the impact as \"Denial of service,\" but it is unclear why.","resolution":"Change the permissions on the file as described in HP bulletin.","workarounds":"","sysaffected":"","thanks":"","author":"This document was written by Shawn V. Hernan.","public":["h","t","t","p",":","/","/","w","w","w",".","s","e","c","u","r","i","t","y","f","o","c","u","s",".","c","o","m","/","b","i","d","/","2","6","4","6"],"cveids":["CVE-2001-0488"],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2001-04-24T22:23:51Z","publicdate":"2001-04-24T00:00:00Z","datefirstpublished":"2001-08-15T23:30:32Z","dateupdated":"2001-08-17T21:25:50Z","revision":7,"vrda_d1_directreport":"","vrda_d1_population":"","vrda_d1_impact":"","cam_widelyknown":"15","cam_exploitation":"0","cam_internetinfrastructure":"0","cam_population":"15","cam_impact":"3","cam_easeofexploitation":"20","cam_attackeraccessrequired":"10","cam_scorecurrent":"2.53125","cam_scorecurrentwidelyknown":"3.375","cam_scorecurrentwidelyknownexploited":"6.75","ipprotocol":"","cvss_accessvector":"","cvss_accesscomplexity":"","cvss_authentication":null,"cvss_confidentialityimpact":"","cvss_integrityimpact":"","cvss_availabilityimpact":"","cvss_exploitablity":null,"cvss_remediationlevel":"","cvss_reportconfidence":"","cvss_collateraldamagepotential":"","cvss_targetdistribution":"","cvss_securityrequirementscr":"","cvss_securityrequirementsir":"","cvss_securityrequirementsar":"","cvss_basescore":"","cvss_basevector":"","cvss_temporalscore":"","cvss_environmentalscore":"","cvss_environmentalvector":"","metric":2.53125,"vulnote":null}