HP-UX HP Power Manager Remote Agent (RA) privilege escalation
| hpux-hppower-privilege-escalation (33965) |  High Risk |
Description:
An unspecified vulnerability in the HP Power Manager Remote Agent (RA) used by certain versions of HP-UX could allow a local authenticated attacker to execute arbitrary code with elevated privileges.
Platforms Affected:
- HP, HP-UX B.11.11
- HP, HP-UX B.11.23
- HP, Power Manager Remote Agent 4.0_build_10
Remedy:
Refer to HPSBMA02197 SSRT061285 for patch, upgrade, or suggested workaround information. See References.
Consequences:
Gain Privileges
References:
- HPSBMA02197 SSRT061285 , HP-UX Running HP Power Manager Remote Agent (RA), Local Execution of Arbitrary Code with Root Privileges at http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c00819543.
- BID-23703: HP Power Manager Remote Agent Local Privilege Escalation Vulnerability
- CVE-2007-2351: Unspecified vulnerability in the HP Power Manager Remote Agent (RA) 4.0Build10 and earlier in HP-UX B.11.11 and B.11.23 allows local users to execute arbitrary code via unspecified vectors.
- SA25066: HP Power Manager Remote Agent Unspecified Code Execution
- SECTRACK ID: 1017977: HP Power Manager Remote Agent Lets Local Users Gain Root Privileges
- VUPEN/ADV-2007-1574: HP-UX Power Manager Remote Agent Unspecified Privilege Escalation Vulnerability
Reported:
Apr 25, 2007
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
For corrections or additions please email xforce@iss.net