Vulnerabilities > CVE-2003-0089 - Local Buffer Overrun vulnerability in HP-UX Software Distributor Lang Environment Variable
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Buffer overflow in the Software Distributor utilities for HP-UX B.11.00 and B.11.11 allows local users to execute arbitrary code via a long LANG environment variable to setuid programs such as (1) swinstall and (2) swmodify.
Exploit-Db
description | HP-UX 11 Software Distributor Lang Environment Variable Local Buffer Overrun Vulnerability. CVE-2003-0089. Local exploit for hp-ux platform |
id | EDB-ID:23343 |
last seen | 2016-02-02 |
modified | 2002-12-11 |
published | 2002-12-11 |
reporter | watercloud |
source | https://www.exploit-db.com/download/23343/ |
title | HP-UX 11 Software Distributor Lang Environment Variable Local Buffer Overrun Vulnerability |
Oval
accepted | 2014-03-24T04:01:41.068-04:00 | ||||||||
class | vulnerability | ||||||||
contributors |
| ||||||||
description | Buffer overflow in the Software Distributor utilities for HP-UX B.11.00 and B.11.11 allows local users to execute arbitrary code via a long LANG environment variable to setuid programs such as (1) swinstall and (2) swmodify. | ||||||||
family | unix | ||||||||
id | oval:org.mitre.oval:def:5466 | ||||||||
status | accepted | ||||||||
submitted | 2008-07-09T16:48:33.000-04:00 | ||||||||
title | HP-UX Running Software Distributor (SD), Local Increased Privileges. | ||||||||
version | 40 |
References
- http://archives.neohapsis.com/archives/vulnwatch/2003-q4/0038.html
- http://marc.info/?l=bugtraq&m=106873965001431&w=2
- http://www.securityfocus.com/advisories/6030
- http://www.securityfocus.com/bid/8986
- https://exchange.xforce.ibmcloud.com/vulnerabilities/13623
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5466