CVE-2001-1509 — Return of Wrong Status Code in HP Hp-ux

CWE-393 — Return of Wrong Status Code4 documents4 sources

Severity

4.6MEDIUMNVD

EPSS

0.1%

top 71.76%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

HP Hp-ux

Timeline

PublishedDec 31

Latest updateApr 30

Description

geteuid in Itanium Architecture (IA) running on HP-UX 11.20 does not properly identify a user's effective user id, which could allow local users to gain privileges.

CVSS vector

AV:L/AC:L/C:P/I:P/A:PExploitability: 3.9 | Impact: 6.4

Affected Packages1 packages

▶NVDhp/hp-ux11.20

Patches

Patch: www.securityfocus.com ↗Patch: www.securityfocus.com ↗Patch: www.securityfocus.com ↗

🔴Vulnerability Details

GHSA

GHSA-fgq4-xprg-7hcr: geteuid in Itanium Architecture (IA) running on HP-UX 11↗2022-04-30

▶

CVEList

CVE-2001-1509: geteuid in Itanium Architecture (IA) running on HP-UX 11↗2005-07-14

▶

📐Framework References

CWE

Return of Wrong Status Code↗

▶