Description
HP OpenView Omniback allows remote execution of commands as root via spoofing, and local users can gain root access via a symlink attack.
Products
- HP-UX
- HP-UX family of operating systems
- HP HP-UX 10.00
- HP HP-UX 10.01
- HP HP-UX 10.2
- HP HP-UX 10.3
- HP HP-UX 10.8
- HP HP-UX 10.9
- HP HP-UX 10.10
- HP HP-UX 10.16
- HP HP-UX 10.20
- HP HP-UX 10.24
- HP HP-UX 10.26
- HP HP-UX 10.30
- HP HP-UX 10.34
- HP HP-UX 10
- HP HP-UX 11.0.4
- HP-UX 11.00
- HP HP-UX 11.04
- HP-UX 11.10
- HP-UX 11.11
- HP HP-UX 11.11i
- HP-UX 11i v1.5
- HP-UX 11i v1.6
- HP-UX 11i v2
- HP HP-UX 11.2
- HP-UX 11i v3
- HP HP-UX 11.4
- HP-UX 11 family
- HP HP-UX 11i v3.0
- HP HP-UX 7.0
- HP HP-UX 7.2
- HP HP-UX 7.4
- HP HP-UX 7.6
- HP HP-UX 7.8
- HP HP-UX 8.0
- HP HP-UX 8.1
- HP HP-UX 8.02
- HP HP-UX 8.4
- HP HP-UX 8.5
- HP HP-UX 8.06
- HP HP-UX 8.7
- HP HP-UX 8.8
- HP HP-UX 8.9
- HP HP-UX 8
- HP HP-UX 9.0
- HP HP-UX 9.01
- HP HP-UX 9.3
- HP HP-UX 9.4
- HP HP-UX 9.05
- HP HP-UX 9.6
- HP HP-UX 9.7
- HP HP-UX 9.8
- HP HP-UX 9.9
- HP HP-UX 9.10
- HP HP-UX 9
- HP-UX B.11.00
- HP-UX B.11.11
- HP-UX B.11.22
- HP-UX B.11.23
- HP-UX B.11.31
Questions to Ask Vendors
- Can you confirm whether your systems are affected by CVE-1999-0333, and if so, what steps are you currently taking to mitigate this vulnerability?
- What is your estimated timeline for fully resolving CVE-1999-0333 in your products or services, and how will you communicate updates on this issue to us as your customer?
Recommended Actions
- Check out the advisory links provided below.
References