Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2007-0805

4 documents4 sources

Severity

2.1LOW

EPSS

0.9%

top 24.74%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

HP Tru64

Timeline

PublishedFeb 7

Latest updateMay 1

Description

The ps (/usr/ucb/ps) command on HP Tru64 UNIX 5.1 1885 allows local users to obtain sensitive information, including environment variables of arbitrary processes, via the "auxewww" argument, a similar issue to CVE-1999-1587.

CVSS vector

AV:L/AC:L/C:P/I:N/A:NExploitability: 3.9 | Impact: 2.9

Affected Packages1 packages

▶NVDhp/tru645.1

🔴Vulnerability Details

GHSA

GHSA-ccm4-xqqh-24h9: The ps (/usr/ucb/ps) command on HP Tru64 UNIX 5↗2022-05-01

▶

CVEList

CVE-2007-0805: The ps (/usr/ucb/ps) command on HP Tru64 UNIX 5↗2007-02-07

▶

💥Exploits & PoCs

Exploit-DB

HP Tru64 Alpha OSF1 5.1 - 'ps' Information Leak↗2007-02-06

▶