Vulnerabilities > CVE-2002-1617 - Unspecified vulnerability in HP Tru64 5.1Bpk2Bl22
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Multiple buffer overflows in HP Tru64 UNIX 5.x allow local users to execute arbitrary code via (1) a long -contextDir argument to dtaction, (2) a long -p argument to dtprintinfo, (3) a long -customization argument to dxterm, or (4) a long DISPLAY environment variable to dtterm.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
OS | 1 |
References
- http://archives.neohapsis.com/archives/fulldisclosure/2002-q3/1203.html
- http://www.blacksheepnetworks.com/security/hack/tru64/TRU64_dtaction.txt
- http://www.blacksheepnetworks.com/security/hack/tru64/TRU64_dtprintinfo.txt
- http://www.blacksheepnetworks.com/security/hack/tru64/TRU64_dtterm.txt
- http://www.blacksheepnetworks.com/security/hack/tru64/TRU64_dxterm.txt
- http://www.kb.cert.org/vuls/id/202939
- http://www.kb.cert.org/vuls/id/600699
- http://www.kb.cert.org/vuls/id/836275
- http://www.kb.cert.org/vuls/id/931579
- http://www.securityfocus.com/archive/1/290115