CVE-2002-1127 - Buffer overflow in uucp in Compaq Tru64/OSF1 3.x allows local users to execute arbitrary code via a

CVE-2002-1127

Summary

Buffer overflow in uucp in Compaq Tru64/OSF1 3.x allows local users to execute arbitrary code via a long source (-s) command line parameter.

References

Vulnerable Configurations

cpe:2.3:o:digital:osf_1:3.0:*:*:*:*:*:*:*
cpe:2.3:o:digital:osf_1:3.0:*:*:*:*:*:*:*
cpe:2.3:o:digital:osf_1:3.0b:*:*:*:*:*:*:*
cpe:2.3:o:digital:osf_1:3.0b:*:*:*:*:*:*:*
cpe:2.3:o:digital:osf_1:3.2:*:*:*:*:*:*:*
cpe:2.3:o:digital:osf_1:3.2:*:*:*:*:*:*:*
cpe:2.3:o:digital:osf_1:3.2b:*:*:*:*:*:*:*
cpe:2.3:o:digital:osf_1:3.2b:*:*:*:*:*:*:*
cpe:2.3:o:digital:osf_1:3.2c:*:*:*:*:*:*:*
cpe:2.3:o:digital:osf_1:3.2c:*:*:*:*:*:*:*
cpe:2.3:o:digital:osf_1:3.2d:*:*:*:*:*:*:*
cpe:2.3:o:digital:osf_1:3.2d:*:*:*:*:*:*:*
cpe:2.3:o:digital:osf_1:3.2de1:*:*:*:*:*:*:*
cpe:2.3:o:digital:osf_1:3.2de1:*:*:*:*:*:*:*
cpe:2.3:o:digital:osf_1:3.2de2:*:*:*:*:*:*:*
cpe:2.3:o:digital:osf_1:3.2de2:*:*:*:*:*:*:*
cpe:2.3:o:digital:osf_1:3.2f:*:*:*:*:*:*:*
cpe:2.3:o:digital:osf_1:3.2f:*:*:*:*:*:*:*
cpe:2.3:o:digital:osf_1:3.2g:*:*:*:*:*:*:*
cpe:2.3:o:digital:osf_1:3.2g:*:*:*:*:*:*:*

CVSS

CWE

CAPEC

Access

Vector	Complexity	Authentication
LOCAL	LOW	NONE

Impact

Confidentiality	Integrity	Availability
COMPLETE	COMPLETE	COMPLETE

cvss-vector via4

AV:L/AC:L/Au:N/C:C/I:C/A:C

refmap via4

bid	5745
vulnwatch	20020918 iDEFENSE Security Advisory 09.18.2002: Security Vulnerabilities in OSF1/Tru64 3.
xf	osf1-uucp-source-bo(10146)

Last major update

05-09-2008 - 20:29

Published

04-10-2002 - 04:00

Last modified

05-09-2008 - 20:29