Multiple Buffer Overflow Vulnerabilities in HP Tru64 UNIX 5.x
CVE-2002-1617

Currently unrated

Key Information:

Vendor: HP
Status: Tru64
Vendor: CVE Published:; 31 December 2002

Summary

Multiple buffer overflow vulnerabilities exist in HP Tru64 UNIX 5.x, enabling local users to potentially execute arbitrary code. The vulnerabilities stem from insufficient validation of input parameters, particularly involving the -contextDir argument for dtaction, the -p argument for dtprintinfo, the -customization argument for dxterm, and excessively long DISPLAY environment variables for dtterm. Exploiting these flaws may allow attackers to gain unauthorized access to system resources or execute malicious actions within the affected environment.

References

http://archives.neohapsis.com/archives/fulldisclosure/200...

mailing-listx_refsource_FULLDISC

http://www.kb.cert.org/vuls/id/931579

third-party-advisoryx_refsource_CERT-VN

http://www.kb.cert.org/vuls/id/836275

third-party-advisoryx_refsource_CERT-VN

Timeline

Vulnerability Reserved
Mar 25, 2005
Vulnerability published
Dec 31, 2002