CVE-2015-2126 : Unspecified vulnerability in pppoec in HP HP-UX 11iv2 and 11iv3 allows local users to gain privileges by leveraging setu

Unspecified vulnerability in pppoec in HP HP-UX 11iv2 and 11iv3 allows local users to gain privileges by leveraging setuid permissions.

Published 2015-07-06 14:59:00

Updated 2016-12-28 02:59:07

Source HP Inc.

View at NVD, CVE.org

Exploit prediction scoring system (EPSS) score for CVE-2015-2126

Probability of exploitation activity in the next 30 days: 0.04%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 6 % EPSS Score History EPSS FAQ

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
7.2	HIGH	AV:L/AC:L/Au:N/C:C/I:C/A:C	3.9	10.0	NIST
Access Vector: Local Access Complexity: Low Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete

http://www.securityfocus.com/bid/75462

HP-UX CVE-2015-2126 Local Privilege Escalation Vulnerability
http://www.securitytracker.com/id/1032746

HP-UX 'pppoec' Access Permission Flaw Lets Local Users Gain Root Privileges - SecurityTracker
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04718530

HP Support for Technical Help and Troubleshooting | HP® Customer Service.
Vendor Advisory

HP » Hp-ux » Version: 11.11iv3
cpe:2.3:o:hp:hp-ux:11.11iv3:*:*:*:*:*:*:*
Matching versions
HP » Hp-ux » Version: 11.11iv2
cpe:2.3:o:hp:hp-ux:11.11iv2:*:*:*:*:*:*:*
Matching versions