Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-1617

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2002-1617
Last Modified 07 Mar 2011 09:10:37
Published 31 Dec 2002 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2002-1617

Summary

Multiple buffer overflows in HP Tru64 UNIX 5.x allow local users to execute arbitrary code via (1) a long -contextDir argument to dtaction, (2) a long -p argument to dtprintinfo, (3) a long -customization argument to dxterm, or (4) a long DISPLAY environment variable to dtterm.

Vulnerable Systems

Operating System

  • Hp Tru64 5.1b Pk2 Bl22


References

BUGTRAQ - 20020902 Happy Labor Day from Snosoft

MISC - http://www.blacksheepnetworks.com/security/hack/tru64/TRU64_dxterm.txt

MISC - http://www.blacksheepnetworks.com/security/hack/tru64/TRU64_dtterm.txt

MISC - http://www.blacksheepnetworks.com/security/hack/tru64/TRU64_dtprintinfo.txt

MISC - http://www.blacksheepnetworks.com/security/hack/tru64/TRU64_dtaction.txt

BUGTRAQ - 20020919 iDEFENSE OSF1/Tru64 3.x vuln clarification


Last Updated: 27 May 2016 10:37:25