Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-1605

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2002-1605
Last Modified 07 Mar 2011 09:10:31
Published 02 Sep 2002 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2002-1605

Summary

Buffer overflow in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows attackers to execute arbitrary code via a long _XKB_CHARSET environment variable to (1) dxpause, (2) dxconsole, or (3) dtsession.

Vulnerable Systems

Operating System

  • Hp Tru64 4.0f

  • Hp Tru64 4.0g

  • Hp Tru64 5.0a

  • Hp Tru64 5.1

  • Hp Tru64 5.1a

  • Hp-ux 10.20

  • Hp-ux 11.00

  • Hp-ux 11.04

  • Hp-ux 11.11

  • Hp-ux 11.22


References

CERT-VN - VU#693803

CERT-VN - VU#584243

CERT-VN - VU#569987

XF - tru64-multiple-binaries-bo(10016)

BUGTRAQ - 20020902 Happy Labor Day from Snosoft

MISC - http://www.blacksheepnetworks.com/security/hack/tru64/TRU64_xkb.txt

FULLDISC - 20020919 iDEFENSE OSF1/Tru64 3.x vuln clarification

HP - SSRT2275


Last Updated: 27 May 2016 10:37:24