Lucene search

[email protected]CVE-2002-1605

HistorySep 02, 2002 - 4:00 a.m.

CVE-2002-1605

2002-09-0204:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

tru64 unix

buffer overflow

cve-2002-1605

security vulnerability

arbitrary code execution

nvd

8.5 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.023 Low

EPSS

Percentile

89.5%

JSON

Buffer overflow in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows attackers to execute arbitrary code via a long _XKB_CHARSET environment variable to (1) dxpause, (2) dxconsole, or (3) dtsession.

CPENameOperatorVersion
hp:tru64hp tru64eq4.0g
hp:tru64hp tru64eq5.0a
hp:tru64hp tru64eq4.0f
hp:hp-uxhp hp-uxeq11.11
hp:tru64hp tru64eq5.1a
hp:hp-uxhp hp-uxeq11.04
hp:hp-uxhp hp-uxeq11.00
hp:tru64hp tru64eq5.1
hp:hp-uxhp hp-uxeq11.22
hp:hp-uxhp hp-uxeq10.20

CPE	Name	Operator	Version
hp:tru64	hp tru64	eq	4.0g
hp:tru64	hp tru64	eq	5.0a
hp:tru64	hp tru64	eq	4.0f
hp:hp-ux	hp hp-ux	eq	11.11
hp:tru64	hp tru64	eq	5.1a
hp:hp-ux	hp hp-ux	eq	11.04
hp:hp-ux	hp hp-ux	eq	11.00
hp:tru64	hp tru64	eq	5.1
hp:hp-ux	hp hp-ux	eq	11.22
hp:hp-ux	hp hp-ux	eq	10.20

References

archives.neohapsis.com/archives/fulldisclosure/2002-q3/1203.html

wwss1pro.compaq.com/support/reference_library/viewdocument.asp?source=SRB0039W.xml&dt=11

www.blacksheepnetworks.com/security/hack/tru64/TRU64_xkb.txt

www.kb.cert.org/vuls/id/569987

www.kb.cert.org/vuls/id/584243

www.kb.cert.org/vuls/id/693803

www.securityfocus.com/archive/1/290115

exchange.xforce.ibmcloud.com/vulnerabilities/10016

8.5 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.023 Low

EPSS

Percentile

89.5%

JSON