Vigil@nce - HP-UX: privilege elevation via Dynamic Loader
July 2011 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
A local attacker can use the Dynamic Loader, in order to create a
denial of service or to elevate his privileges.
Severity: 2/4
Creation date: 06/07/2011
IMPACTED PRODUCTS
– HP-UX
DESCRIPTION OF THE VULNERABILITY
The Dynamic Loader of HP-UX (/usr/lib/hpux32/dld.so) loads
dynamic libraries, which are required to execute a program.
A local attacker can use the Dynamic Loader, in order to create a
denial of service or to elevate his privileges.
Technical details are unknown.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/HP-UX-privilege-elevation-via-Dynamic-Loader-10811