HP Tru64 UNIX ".upd..loader" contains buffer overflow (SSRT2275)

2002-09-13T00:00:00
ID VU:506441
Type cert
Reporter CERT
Modified 2002-09-13T00:00:00

Description

Overview

The HP Tru64 UNIX implementation of ".upd..loader" contains a locally exploitable buffer overflow.

Description

A locally exploitable buffer overflow in ".upd..loader" may permit a local attacker to gain elevated privileges and execute arbitrary code on a vulnerable host.


Impact

A local user may be able to gain elevated privileges and execute arbitrary code.


Solution

Apply a patch.


Systems Affected

Vendor| Status| Date Notified| Date Updated
---|---|---|---
Hewlett-Packard Company| | -| 13 Sep 2002
If you are a vendor and your product is affected, let us know.

CVSS Metrics

Group | Score | Vector
---|---|---
Base | N/A | N/A
Temporal | N/A | N/A
Environmental | N/A | N/A

References

Credit

This document was written by Ian A Finlay.

Other Information

  • CVE IDs: Unknown
  • Date Public: 30 Aug 2002
  • Date First Published: 13 Sep 2002
  • Date Last Updated: 13 Sep 2002
  • Severity Metric: 3.75
  • Document Revision: 7