CVE-2002-1616

Sažetak

Multiple buffer overflows in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allow local users to gain root privileges via (1) su, (2) chsh, (3) passwd, (4) chfn, (5) dxchpwd, and (6) libc.

Reference

http://archives.neohapsis.com/archives/fulldisclosure/2002-q3/1203.html
http://archives.neohapsis.com/archives/tru64/2002-q3/0019.html
http://www.blacksheepnetworks.com/security/hack/tru64/TRU64_su.txt
http://www.kb.cert.org/vuls/id/137555
http://www.kb.cert.org/vuls/id/177067
http://www.kb.cert.org/vuls/id/193347
http://www.kb.cert.org/vuls/id/671627
http://www.kb.cert.org/vuls/id/864083
http://www.securityfocus.com/archive/1/290115
http://www.securityfocus.com/bid/5379
http://www.securityfocus.com/bid/5380
http://www.securityfocus.com/bid/5381
http://www.securityfocus.com/bid/5382
https://exchange.xforce.ibmcloud.com/vulnerabilities/10614
https://exchange.xforce.ibmcloud.com/vulnerabilities/11620

CVSS

Base:	7.2
Impact:	10.0
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:L/AC:L/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

11-07-2017 - 01:29

Objavljeno

01-08-2002 - 04:00