Summaryinfo

A vulnerability was found in Unix. It has been declared as critical. This vulnerability affects unknown code of the component Process Group Handler. The manipulation leads to privileges management. There is no exploit available. Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Detailsinfo

A vulnerability was found in Unix (Operating System) (version unknown). It has been classified as critical. This affects an unknown function of the component Process Group Handler. The manipulation with an unknown input leads to a privileges management vulnerability. CWE is classifying the issue as CWE-269. The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor. This is going to have an impact on confidentiality, integrity, and availability.

The weakness was disclosed 03/01/1985 (Website). The advisory is shared at securitydigest.org. Neither technical details nor an exploit are publicly available. MITRE ATT&CK project uses the attack technique T1068 for this issue.

There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

The vulnerability is also documented in the vulnerability database at OSVDB (585†). The entries VDB-94859, VDB-94854 and VDB-94853 are pretty similar. Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Productinfo

Type

• Operating System

Name

• Unix

License

• commercial

CPE 2.3info

• 🔍

CPE 2.2info

• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Discussion