Buffer Overflow Vulnerability in HP Tru64 UNIX
CVE-2002-1605

Currently unrated

Key Information:

Vendor: HP
Status: Tru64; HP-ux
Vendor: CVE Published:; 2 September 2002

Summary

A buffer overflow vulnerability exists in HP Tru64 UNIX versions 5.1a, 5.1, 5.0a, 4.0g, and 4.0f. This issue arises from improper handling of the _XKB_CHARSET environment variable, which allows attackers to execute arbitrary code. Specifically, the vulnerable components include dxpause, dxconsole, and dtsession. By exploiting this vulnerability, attackers could manipulate the affected binaries to gain unauthorized access and control over the system.

References

http://www.kb.cert.org/vuls/id/584243

third-party-advisoryx_refsource_CERT-VN

http://wwss1pro.compaq.com/support/reference_library/view...

vendor-advisoryx_refsource_HP

http://archives.neohapsis.com/archives/fulldisclosure/200...

mailing-listx_refsource_FULLDISC

EPSS Score

27% chance of being exploited in the next 30 days.

Timeline

Vulnerability Reserved
Mar 25, 2005
Vulnerability published
Sep 2, 2002