Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-1360

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2003-1360
Last Modified 05 Sep 2008 12:00:00
Published 31 Dec 2003 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2003-1360

Summary

Buffer overflow in the setupterm function of (1) lanadmin and (2) landiag programs of HP-UX 10.0 through 10.34 allows local users to execute arbitrary code via a long TERM environment variable.

Vulnerable Systems

Operating System

  • Hp-ux 10.00

  • Hp-ux 10.01

  • Hp-ux 10.08

  • Hp-ux 10.09

  • Hp-ux 10.10

  • Hp-ux 10.16

  • Hp-ux 10.20

  • Hp-ux 10.24

  • Hp-ux 10.26

  • Hp-ux 10.30

  • Hp-ux 10.34


References

XF - hp-landiag-lanadmin-bo(11314)

BID - 6834

BUGTRAQ - 20030610 [LSD] HP-UX security vulnerabilities

HP - HPSBUX0302-243

SREASON - 3236


Last Updated: 27 May 2016 10:38:20