CVE-2009-0207

Unspecified vulnerability in HP-UX B.11.11 running VERITAS Oracle Disk Manager (VRTSodm) 3.5, B.11.23 running VRTSodm 4.1 or VERITAS File System (VRTSvxfs) 4.1, B.11.23 running VRTSodm 5.0 or VRTSvxfs 5.0, and B.11.31 running VRTSodm 5.0 allows local users to gain root privileges via unknown vectors.

CVSS v2.0 6.8 MEDIUM

6.8^/10

CVSS v2.0 : MEDIUM

Vector : AV:L/AC:L/Au:S/C:C/I:C/A:C

Exploitability : 3.1 / Impact : 10.0

Access Vector LOCAL

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://marc.info/?l=bugtraq&m=123792744311063&w=2	Patch
http://secunia.com/advisories/34419
http://www.securityfocus.com/bid/34226	Patch
http://www.securitytracker.com/id?1021891
http://www.vupen.com/english/advisories/2009/0823
https://exchange.xforce.ibmcloud.com/vulnerabilities/49403
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6352

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:hp:hp-ux:b.11.11:*:*:*:*:*:*:*

cpe:2.3:a:oracle:vrtsodm:3.5:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

cpe:2.3:o:hp:hp-ux:b.11.31:*:*:*:*:*:*:*

cpe:2.3:a:oracle:vrtsodm:5.0:*:*:*:*:*:*:*

Configuration 3 (hide)

AND

cpe:2.3:o:hp:hp-ux:b.11.23:*:*:*:*:*:*:*

OR	cpe:2.3:a:oracle:vrtsodm:4.1:::::::*
	cpe:2.3:a:oracle:vrtsodm:5.0:::::::*
	cpe:2.3:a:oracle:vrtsvxfs:4.1:::::::*
	cpe:2.3:a:oracle:vrtsvxfs:5.0:::::::*

History

No history.

Information

Published : 2009-03-25 01:30

Updated : 2024-02-28 11:21

NVD link : CVE-2009-0207

Mitre link : CVE-2009-0207

CVE.ORG link : CVE-2009-0207

JSON object : View

Products Affected

oracle

vrtsvxfs
vrtsodm

hp

hp-ux

CWE

NVD-CWE-noinfo

{"id": "CVE-2009-0207", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.8, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:S/C:C/I:C/A:C", "authentication": "SINGLE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": true, "impactScore": 10.0, "baseSeverity": "MEDIUM", "obtainAllPrivilege": true, "exploitabilityScore": 3.1, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2009-03-25T01:30:00.420", "references": [{"url": "http://marc.info/?l=bugtraq&m=123792744311063&w=2", "tags": ["Patch"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/34419", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/34226", "tags": ["Patch"], "source": "cve@mitre.org"}, {"url": "http://www.securitytracker.com/id?1021891", "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2009/0823", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49403", "source": "cve@mitre.org"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6352", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in HP-UX B.11.11 running VERITAS Oracle Disk Manager (VRTSodm) 3.5, B.11.23 running VRTSodm 4.1 or VERITAS File System (VRTSvxfs) 4.1, B.11.23 running VRTSodm 5.0 or VRTSvxfs 5.0, and B.11.31 running VRTSodm 5.0 allows local users to gain root privileges via unknown vectors."}, {"lang": "es", "value": "Vulnerabilidad inespecifica en HP-UX vB.11.11 corriendo VERITAS Oracle Disk Manager (VRTSodm) v3.5, vB.11.23 version VRTSodm v4.1 o VERITAS File System (VRTSvxfs) v4.1, vB.11.23 corriendo VRTSodm v5.0 o VRTSvxfs v5.0, y vB.11.31 corriendo VRTSodm v5.0 permite a usuarios locales conseguir privilegios de root a trav\u00e9s de vectores desconocidos."}], "lastModified": "2017-09-29T01:33:40.763", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:hp:hp-ux:b.11.11:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "972D4ABF-2E80-4902-910D-5BD0CBEC9765"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:oracle:vrtsodm:3.5:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E4C55364-6E56-4638-ACAE-EAFE8AAE3B22"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:hp:hp-ux:b.11.31:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B64BBA96-FB3C-46AC-9A29-50EE02714FE9"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:oracle:vrtsodm:5.0:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "3F9D0EBC-7CD9-4F24-97AB-79FE788EDED4"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:hp:hp-ux:b.11.23:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "12C73959-3E02-4847-8962-651D652800EE"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:oracle:vrtsodm:4.1:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "223E04E3-8BD1-4FAE-B0B2-0D31B186DE97"}, {"criteria": "cpe:2.3:a:oracle:vrtsodm:5.0:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "3F9D0EBC-7CD9-4F24-97AB-79FE788EDED4"}, {"criteria": "cpe:2.3:a:oracle:vrtsvxfs:4.1:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "D3143959-9791-4EBC-B02A-870211DD6EDF"}, {"criteria": "cpe:2.3:a:oracle:vrtsvxfs:5.0:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "9A2BB361-9948-40D7-ACF9-04F139B86BBC"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cve@mitre.org"}