{"vuid":"VU#712632","idnumber":"712632","name":"Hewlett-Packard HP-UX Software Distributor (SD-UX) contains vulnerability permitting privilege escalation","keywords":["Hewlett-Packard","HP-UX","SD-UX","Software Distributor","HPSBUX0102-143"],"overview":"HP9000 Series 700/800 running HP-UX releases 10.01, 10.10, 10.20 and 11.00 are affected by a buffer overflow in Hewlett-Packard's HP-UX Software Distributor (SD-UX). A local user can exploit this vulnerability to gain elevated privileges.","clean_desc":"Several applications in SD-UX contain buffer overflows. SWVERIFY is one such component that is vulnerable. A local user can exploit this vulnerability to gain elevated privileges. An exploit is public.","impact":"A local user can gain a shell with the privileges of the SD-UX component exploited.","resolution":"Apply the patches as described in Hewlett-Packard's Security Bulletin #0143.","workarounds":"","sysaffected":"","thanks":"Our thanks to Hewlett-Packard for aiding in the identification of this vulnerability.","author":"This document was written by Jason Rafail.","public":["h","t","t","p",":","/","/","w","w","w",".","s","e","c","u","r","i","t","y","f","o","c","u","s",".","c","o","m","/","b","i","d","/","3","2","7","9"],"cveids":["CVE-2001-0979"],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2001-03-01T19:50:17Z","publicdate":"2001-02-28T00:00:00Z","datefirstpublished":"2001-09-26T15:07:41Z","dateupdated":"2001-09-26T15:07:42Z","revision":4,"vrda_d1_directreport":"","vrda_d1_population":"","vrda_d1_impact":"","cam_widelyknown":"20","cam_exploitation":"0","cam_internetinfrastructure":"5","cam_population":"5","cam_impact":"19","cam_easeofexploitation":"15","cam_attackeraccessrequired":"10","cam_scorecurrent":"6.6796875","cam_scorecurrentwidelyknown":"6.6796875","cam_scorecurrentwidelyknownexploited":"12.0234375","ipprotocol":"","cvss_accessvector":"","cvss_accesscomplexity":"","cvss_authentication":null,"cvss_confidentialityimpact":"","cvss_integrityimpact":"","cvss_availabilityimpact":"","cvss_exploitablity":null,"cvss_remediationlevel":"","cvss_reportconfidence":"","cvss_collateraldamagepotential":"","cvss_targetdistribution":"","cvss_securityrequirementscr":"","cvss_securityrequirementsir":"","cvss_securityrequirementsar":"","cvss_basescore":"","cvss_basevector":"","cvss_temporalscore":"","cvss_environmentalscore":"","cvss_environmentalvector":"","metric":6.6796875,"vulnote":null}