HP-UX auto_parms Arbitrary Command Execution Vulnerability

HP-UX ships with a script called auto_parms that is used when the system is starting up. If the file "install.vars" exists in /tmp when the system is booted up, auto_parms executes commands within this file as root. It is possible for a local user to create a malicious install.vars that can cause arbitrary commands to be executed when the system is rebooted. This can be used to gain root access on the victim host.


 

Privacy Statement
Copyright 2010, SecurityFocus