CVE-2004-1328

Vulnerability

A potential vulnerability has been identified in the newgrp(1) command on HP-UX B.11.00, B.11.04, and B.11.11. The exact nature of the bug is not disclosed in available references, but it resides in the newgrp utility, which is part of the OS-Core.CMDS-AUX fileset on B.11.00 and B.11.11, and OS-Core.CORE-SHLIBS on B.11.04 [1]. The vulnerability allows local users to gain elevated privileges under unknown conditions [1].

Exploitation

The exploitation requires local access to an affected HP-UX system [1]. The attacker must be an authorized user. The specific sequence of steps to trigger the vulnerability is not described in the available references [1].

Impact

Successful exploitation allows a local user to elevate their privileges on the system [1]. The exact privilege level gained is not specified, but it is implied to be a higher privilege than the attacker initially had [1]. The confidentiality, integrity, and availability impact are not detailed.

Mitigation

HP has released patches to address this issue: PHCO_29682 for B.11.00, PHCO_32280 for B.11.04, and PHCO_26385 for B.11.11 [1]. These patches are available from the HP IT Resource Center (http://itrc.hp.com) [1]. No workarounds are provided in the reference [1]. The vulnerability is not listed in the CISA KEV catalog.