CVE-2002-1617

Severity

72%

Complexity

39%

Confidentiality

165%

Multiple buffer overflows in HP Tru64 UNIX 5.x allow local users to execute arbitrary code via (1) a long -contextDir argument to dtaction, (2) a long -p argument to dtprintinfo, (3) a long -customization argument to dxterm, or (4) a long DISPLAY environment variable to dtterm.

Multiple buffer overflows in HP Tru64 UNIX 5.x allow local users to execute arbitrary code via (1) a long -contextDir argument to dtaction, (2) a long -p argument to dtprintinfo, (3) a long -customization argument to dxterm, or (4) a long DISPLAY environment variable to dtterm.

CVSS 2.0 Base Score 7.2. CVSS Attack Vector: local. CVSS Attack Complexity: low. CVSS Vector: (AV:L/AC:L/Au:N/C:C/I:C/A:C).

Overview

First reported 22 years ago

2002-12-31 05:00:00

Last updated 13 years ago

2011-03-08 02:10:00

Affected Software

HP Tru64 UNIX 5.1B PK2 BL22

5.1b_pk2_bl22

References

20020919 iDEFENSE OSF1/Tru64 3.x vuln clarification

http://www.blacksheepnetworks.com/security/hack/tru64/TRU64_dtaction.txt

Exploit

http://www.blacksheepnetworks.com/security/hack/tru64/TRU64_dtprintinfo.txt

Exploit

http://www.blacksheepnetworks.com/security/hack/tru64/TRU64_dtterm.txt

Exploit

http://www.blacksheepnetworks.com/security/hack/tru64/TRU64_dxterm.txt

Exploit

VU#202939

US Government Resource

VU#600699

US Government Resource

VU#836275

US Government Resource

VU#931579

US Government Resource

20020902 Happy Labor Day from Snosoft

Vendor Advisory

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.