Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-1616

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2002-1616
Last Modified 07 Mar 2011 09:10:32
Published 01 Aug 2002 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2002-1616

Summary

Multiple buffer overflows in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allow local users to gain root privileges via (1) su, (2) chsh, (3) passwd, (4) chfn, (5) dxchpwd, and (6) libc.

Vulnerable Systems

Operating System

  • Hp Tru64 4.0f

  • Hp Tru64 4.0g

  • Hp Tru64 5.0a

  • Hp Tru64 5.1

  • Hp Tru64 5.1af


References

CERT-VN - VU#193347

CERT-VN - VU#671627

CERT-VN - VU#177067

CERT-VN - VU#137555

XF - tru64-chfn-bo(10614)

BID - 5382

BID - 5381

BID - 5380

HP - SSRT2190

XF - tru64-dxchpwd-bo(11620)

BID - 5379

BUGTRAQ - 20020902 Happy Labor Day from Snosoft

MISC - http://www.blacksheepnetworks.com/security/hack/tru64/TRU64_su.txt

HP - SSRT2192

HP - SSRT2257

HP - SSRT2259

FULLDISC - 20020919 iDEFENSE OSF1/Tru64 3.x vuln clarification


Last Updated: 27 May 2016 10:37:25