VULHUB ™

HP-UX stmkfont is reported prone to a local privilege escalation vulnerability. This issue is due to the handling of paths to external executables by stmkfont, allowing an attacker-specified program to be run with the privileges of stmkfont. stmkfont is typically installed with setgid 'bin' privileges. All Avaya PDS 9 and 11 platforms are vulnerable to this issue. Avaya PDS 12 platforms running on HP-UX 11.00 are vulnerable as well. PDS 12 versions running on HP-UX 11.11 are not vulnerable.

HP-UX stmkfont is reported prone to a local privilege escalation vulnerability. This issue is due to the handling of paths to external executables by stmkfont, allowing an attacker-specified program to be run with the privileges of stmkfont. stmkfont is typically installed with setgid 'bin' privileges. All Avaya PDS 9 and 11 platforms are vulnerable to this issue. Avaya PDS 12 platforms running on HP-UX 11.00 are vulnerable as well. PDS 12 versions running on HP-UX 11.11 are not vulnerable.