Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-1097

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2003-1097
Last Modified 04 Mar 2009 12:19:41
Published 31 Dec 2003 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2003-1097

Summary

Buffer overflow in rexec on HP-UX B.10.20, B.11.00, and B.11.04, when setuid root, may allow local users to gain privileges via a long -l option.

Vulnerable Systems

Operating System

  • Hp-ux 10.10

  • Hp-ux 10.16

  • Hp-ux 10.20

  • Hp-ux 10.24

  • Hp-ux 10.26

  • Hp-ux 10.30

  • Hp-ux 10.34

  • Hp-ux 11.00

  • Hp-ux 11.04

  • Hp-ux 11.11

  • Hp-ux 11.20

  • Hp-ux 11.22


References

HP - HPSBUX0304-257

CERT-VN - VU#322540

BID - 7459

CIAC - N-088

XF - hp-rexec-command-bo(11890)

BUGTRAQ - 20030429 HPUX rexec buffer overflow vulnerability


Last Updated: 27 May 2016 10:38:14