There is a problem in the NM Debug facility of MPE/iX that allows users to gain unauthorized privileges.
The problem affects HP3000 systems running MPE/iX versions 5.5 through 6.5. HP has published a security bulletin describing the solution to this vulnerability (HPSBMP0102-008). The vulnerability is reported to involve incorrect handling of breakpoints. No additional details about the vulnerability are available.
The full impact of this vulnerability is not yet known, but it appears to allow local users to gain root privileges.
Apply the patches descriubed in the HP security bulletin.
This document was written by Cory F. Cohen.
|Date First Published:||2001-06-01|
|Date Last Updated:||2001-08-30 15:44 UTC|