7.5

CVE-2002-1604

Exploit
Multiple buffer overflows in HP Tru64 UNIX allow local and possibly remote attackers to execute arbitrary code via a long NLSPATH environment variable to (1) csh, (2) dtsession, (3) dxsysinfo, (4) imapd, (5) inc, (6) uucp, (7) uux, (8) rdist, or (9) deliver.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
HpHp-ux Version10.20
HpHp-ux Version11.00
HpHp-ux Version11.04
HpHp-ux Version11.11
HpHp-ux Version11.22
HpTru64 Version4.0f
HpTru64 Version4.0g
HpTru64 Version5.0a
HpTru64 Version5.1
HpTru64 Version5.1a
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 14.97% 0.963
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 10 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://archives.neohapsis.com/archives/fulldisclosure/2002-q3/1203.html
http://wwss1pro.compaq.com/support/reference_library/viewdocument.asp?source=SRB0039W.xml&dt=11
http://www.securityfocus.com/archive/1/290115
https://exchange.xforce.ibmcloud.com/vulnerabilities/10016
http://www.blacksheepnetworks.com/security/hack/tru64/TRU64_nlspath.txt
Exploit
http://www.kb.cert.org/vuls/id/158499
Third Party Advisory
US Government Resource
http://www.kb.cert.org/vuls/id/416427
Third Party Advisory
US Government Resource
http://www.kb.cert.org/vuls/id/437899
Third Party Advisory
US Government Resource
http://www.kb.cert.org/vuls/id/448987
Third Party Advisory
US Government Resource
http://www.kb.cert.org/vuls/id/531355
Third Party Advisory
US Government Resource
http://www.kb.cert.org/vuls/id/567963
Third Party Advisory
US Government Resource
http://www.kb.cert.org/vuls/id/584243
Third Party Advisory
US Government Resource
http://www.kb.cert.org/vuls/id/592515
Third Party Advisory
US Government Resource
http://www.kb.cert.org/vuls/id/846307
Third Party Advisory
US Government Resource
http://www.securityfocus.com/bid/5647