New Search

HP-UX Running shar(1) Local Execution of Arbitrary Code

oval:org.mitre.oval:def:5788

shar on HP-UX B.11.00 B.11.04 and B.11.11 creates temporary files with predictable names in /tmp which allows local users to cause a denial of service and possibly execute arbitrary code via a symlink attack.

Family:
unix
Status:
ACCEPTED
Platform(s):
  • HP-UX 11
Class:
vulnerability
Reference(s):
  • CVE-2003-1099
Product(s):