CVE-2010-1973

Unspecified vulnerability in the Auditing subsystem in HP OpenVMS 8.3, 8.2, 7.3-2, and earlier on the ALPHA platform, and 8.3-1H1, 8.3, 8.2-1, and earlier on the Itanium platform, allows local users to gain privileges or obtain sensitive information via unknown vectors.

CVSS v2.0 6.8 MEDIUM

6.8^/10

CVSS v2.0 : MEDIUM

Vector : AV:L/AC:L/Au:S/C:C/I:C/A:C

Exploitability : 3.1 / Impact : 10.0

Access Vector LOCAL

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://marc.info/?l=bugtraq&m=127905660900687&w=2	Patch Vendor Advisory
http://marc.info/?l=bugtraq&m=127905660900687&w=2	Patch Vendor Advisory
http://securitytracker.com/id?1024190
http://marc.info/?l=bugtraq&m=127905660900687&w=2	Patch Vendor Advisory
http://marc.info/?l=bugtraq&m=127905660900687&w=2	Patch Vendor Advisory
http://securitytracker.com/id?1024190

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:hp:openvms:6.2:::::::*
	cpe:2.3:a:hp:openvms:7.2:::::::*
	cpe:2.3:a:hp:openvms:7.2-1:::::::*
	cpe:2.3:a:hp:openvms:7.2-1h1:::::::*
	cpe:2.3:a:hp:openvms:7.2-2:::::::*
	cpe:2.3:a:hp:openvms:7.2-6c2:::::::*
	cpe:2.3:a:hp:openvms:7.3-1:::::::*
	cpe:2.3:a:hp:openvms:8.2:::::::*
	cpe:2.3:a:hp:openvms:8.3:::::::*
	cpe:2.3:o:hp:openvms::::::::
	cpe:2.3:o:hp:openvms:7.3:::::::*

Configuration 2 (hide)

OR	cpe:2.3:a:hp:openvms:8.2:::::::*
	cpe:2.3:a:hp:openvms:8.3:::::::*
	cpe:2.3:a:hp:openvms:8.3-1h1:::::::*
	cpe:2.3:o:hp:openvms::::::::

History

21 Nov 2024, 01:15

Type	Values Removed	Values Added
References	~~() http://marc.info/?l=bugtraq&m=127905660900687&w=2 - Patch, Vendor Advisory~~	() http://marc.info/?l=bugtraq&m=127905660900687&w=2 - Patch, Vendor Advisory
References	~~() http://securitytracker.com/id?1024190 -~~	() http://securitytracker.com/id?1024190 -

Information

Published : 2010-07-22 05:43

Updated : 2024-11-21 01:15

NVD link : CVE-2010-1973

Mitre link : CVE-2010-1973

CVE.ORG link : CVE-2010-1973

JSON object : View

Products Affected

hp

openvms

CWE

NVD-CWE-noinfo

{"id": "CVE-2010-1973", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.8, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:S/C:C/I:C/A:C", "authentication": "SINGLE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 3.1, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2010-07-22T05:43:06.140", "references": [{"url": "http://marc.info/?l=bugtraq&m=127905660900687&w=2", "tags": ["Patch", "Vendor Advisory"], "source": "hp-security-alert@hp.com"}, {"url": "http://marc.info/?l=bugtraq&m=127905660900687&w=2", "tags": ["Patch", "Vendor Advisory"], "source": "hp-security-alert@hp.com"}, {"url": "http://securitytracker.com/id?1024190", "source": "hp-security-alert@hp.com"}, {"url": "http://marc.info/?l=bugtraq&m=127905660900687&w=2", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://marc.info/?l=bugtraq&m=127905660900687&w=2", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://securitytracker.com/id?1024190", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the Auditing subsystem in HP OpenVMS 8.3, 8.2, 7.3-2, and earlier on the ALPHA platform, and 8.3-1H1, 8.3, 8.2-1, and earlier on the Itanium platform, allows local users to gain privileges or obtain sensitive information via unknown vectors."}, {"lang": "es", "value": "Vulnerabilidad no especificada en Auditing subsystem de HP OpenVMS v8.3, 8.2, 7.3-2 y anteriores en la plataforma ALPHA y 8.3-1H1, 8.3, 8.2-1 y anteriores en la plataforma Itanium; permite a usuarios locales ganar privilegios u obtener informaci\u00f3n sensible a trav\u00e9s de vectores desconocidos."}], "lastModified": "2024-11-21T01:15:36.737", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:hp:openvms:6.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "405AB822-18C1-4670-A356-821026BD06AD"}, {"criteria": "cpe:2.3:a:hp:openvms:7.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EA00EF35-2B02-4DB6-90A9-0C13F3F7FE1A"}, {"criteria": "cpe:2.3:a:hp:openvms:7.2-1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FDC9DC1B-6384-4410-93FA-8F1052C89EDC"}, {"criteria": "cpe:2.3:a:hp:openvms:7.2-1h1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8FC1D2D6-9724-48E4-8C37-0891EC46885E"}, {"criteria": "cpe:2.3:a:hp:openvms:7.2-2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E7335396-4B8F-4541-AA89-C18A6B6114C2"}, {"criteria": "cpe:2.3:a:hp:openvms:7.2-6c2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6CC1C2B8-69F6-44A7-884B-F741CE38B112"}, {"criteria": "cpe:2.3:a:hp:openvms:7.3-1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9BB9C9E2-6A34-4718-8AA7-63B8C80FC024"}, {"criteria": "cpe:2.3:a:hp:openvms:8.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "643999CE-B5A0-4F72-AE11-8811701A296D"}, {"criteria": "cpe:2.3:a:hp:openvms:8.3:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "C447F682-D584-4704-8195-21ABE097CC66"}, {"criteria": "cpe:2.3:o:hp:openvms:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F3986B0C-FC2C-4756-9F34-11E732042251", "versionEndIncluding": "7.3"}, {"criteria": "cpe:2.3:o:hp:openvms:7.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "077BDB9B-C116-452D-8133-8180E06F546F"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:hp:openvms:8.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "643999CE-B5A0-4F72-AE11-8811701A296D"}, {"criteria": "cpe:2.3:a:hp:openvms:8.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C447F682-D584-4704-8195-21ABE097CC66"}, {"criteria": "cpe:2.3:a:hp:openvms:8.3-1h1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "61024D8E-7979-412B-BE47-C3BD83737A14"}, {"criteria": "cpe:2.3:o:hp:openvms:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3C82B103-F26D-44D2-BBA2-CD9FDE5140CC", "versionEndIncluding": "7.3-2"}], "operator": "OR"}]}], "evaluatorComment": "Per: http://marc.info/?l=bugtraq&m=127905660900687&w=2\r\n\r\n'impacted versions are listed.\r\nHP OpenVMS ALPHA v 8.3, v 8.2, v 7.3-2 and earlier\r\nHP OpenVMS Itanium v 8.3-1H1, v 8.3, v 8.2-1 and earlier'", "sourceIdentifier": "hp-security-alert@hp.com", "evaluatorSolution": "Per: http://marc.info/?l=bugtraq&m=127905660900687&w=2\r\n\r\n'HP has made the following patch kits available to resolve the vulnerability.\r\nPatch kit information and installation instructions are provided with each kit as noted below . The patch kits and installation instructions are available from the following location using anonymous ftp:\r\n\r\nftp://ftp.itrc.hp.com/openvms_patches\r\n"}