CVE-2007-0805

HP Tru64 UNIX 5.1 1885 - Info Disclosure

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-0805. PoCs published by bunker.

AI-analyzed exploit summary This exploit demonstrates an information leak vulnerability in the `ps` command on HP OSF1 V5.1 Alpha, allowing unprivileged users to view environment variables of all processes. The script executes both default and `/usr/ucb/ps` commands to display sensitive process details.

Description

The ps (/usr/ucb/ps) command on HP Tru64 UNIX 5.1 1885 allows local users to obtain sensitive information, including environment variables of arbitrary processes, via the "auxewww" argument, a similar issue to CVE-1999-1587.

Exploits (1)

exploitdb WORKING POC VERIFIED

by bunker · localtru64

https://www.exploit-db.com/exploits/3273

View Code ZIP pw:eip

This exploit demonstrates an information leak vulnerability in the `ps` command on HP OSF1 V5.1 Alpha, allowing unprivileged users to view environment variables of all processes. The script executes both default and `/usr/ucb/ps` commands to display sensitive process details.

Classification

Working Poc 100%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Reliable

Target: HP OSF1 V5.1 Alpha (ps command)

No auth needed

Prerequisites: Access to a vulnerable HP OSF1 V5.1 Alpha system

MITRE ATT&CK

T1082 - System Information Discovery

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (13)

Core 13

Core References

Vendor Advisory vendor-advisory x_refsource_hp

http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00817515

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/24041

Exploit x_refsource_misc

http://rawlab.mindcreations.com/codes/exp/nix/osf1tru64ps.ksh

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/32276

Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb

http://osvdb.org/33113

Mailing List mailing-list x_refsource_fulldisc

http://lists.grok.org.uk/pipermail/full-disclosure/2007-February/052227.html

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://securitytracker.com/id?1017592

Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq

http://www.securityfocus.com/archive/1/459266/100/0/threaded

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://www.securitytracker.com/id?1018005

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/25135

Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq

http://www.securityfocus.com/archive/1/459275/100/0/threaded

Third Party Advisory vdb-entry x_refsource_vupen

http://www.vupen.com/english/advisories/2007/1654

Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq

http://www.securityfocus.com/archive/1/459593/100/200/threaded

Scores

EPSS 0.0094

EPSS Percentile 56.2%

Details

Status published

Products (1)

hp/tru64 5.1

Published Feb 07, 2007

Tracked Since Feb 18, 2026