• CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
asecure as included with HP-UX 10.01 through 11.00 can allow a local attacker to create a denial of service and gain additional privileges via unsafe permissions on the asecure program, a different vulnerability than CVE-2000-0083.
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
Assigning CNA
MITRE Corporation
Date Record Created
20010727 Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Modified (20090302)
Votes (Legacy)
ACCEPT(5) Baker, Bishop, Cole, Williams, Ziese
MODIFY(1) Frech
NOOP(2) Foat, Wall
REVIEWING(1) Christey
Comments (Legacy)
 Frech> XF:hp-asecure-dos(6212)
   Possible duplicate of CVE-2000-0083: HP asecure creates the
   Audio Security File audio.sec with insecure permissions, which allows
   local users to cause a denial of service or gain additional
 Williams> Frech - this is not a dupe of CVE-2000-0083.
 Christey> While this advisory is vaguely worded, the fact that HP did an
   advisory for the other asecure problem (now CVE-2000-0083)
   indicates at the very least that this problem occurs in
   a different version than CVE-2000-0083, so CD:SF-LOC
   suggests a SPLIT.  However, the HP advisory says "10.X"
   and "11.X" are affected, so who knows what versions they
   *really* mean?
 CHANGE> [Christey changed vote from NOOP to REVIEWING]

Proposed (Legacy)
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.