Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.6
CVSSv2

CVE-2011-4834

Published: 15/12/2011 Updated: 09/10/2018
CVSS v2 Base Score: 4.6 | Impact Score: 6.4 | Exploitability Score: 3.9
VMScore: 465
Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P
Subscribe to Application Lifestyle Management

Vulnerability Summary

The GetInstalledPackages function in the configuration tool in HP Application Lifestyle Management (ALM) 11 on AIX, HP-UX, and Solaris allows local users to gain privileges via (1) a Trojan horse /tmp/tmp.txt FIFO or (2) a symlink attack on /tmp/tmp.txt.

Vulnerable Product Search on Vulmon Subscribe to Product

hp application_lifestyle_management 11

Exploits

Exploit DB: HP Application Lifestyle Management 11 - 'GetInstalledPackages' Local Privilege Escalation
source: wwwsecurityfocuscom/bid/50982/info HP Application Lifestyle Management is prone to a local privilege-escalation vulnerability Local attackers can exploit this issue to execute arbitrary code with elevated privileges #!/bin/bash # Simple PoC : Run as user, when vulnerable function is called # /home/user/binary_to_run_as_root i ...

References

CWE-264http://secunia.com/advisories/47040http://0a29.blogspot.com/2011/12/0a29-11-2-privilege-escalation.htmlhttps://exchange.xforce.ibmcloud.com/vulnerabilities/71698http://www.securityfocus.com/archive/1/520783/100/0/threadedhttps://nvd.nist.govhttps://www.exploit-db.com/exploits/36430/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028memory leaklog injectionCVE-2024-3400CVE-2022-48695CVE-2022-48675CVE-2024-34487CVE-2024-33792spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook