ID CVE-2003-1097
Summary Buffer overflow in rexec on HP-UX B.10.20, B.11.00, and B.11.04, when setuid root, may allow local users to gain privileges via a long -l option.
References
Vulnerable Configurations
  • cpe:2.3:o:hp:hp-ux:10.10:*:*:*:*:*:*:*
    cpe:2.3:o:hp:hp-ux:10.10:*:*:*:*:*:*:*
  • cpe:2.3:o:hp:hp-ux:10.16:*:*:*:*:*:*:*
    cpe:2.3:o:hp:hp-ux:10.16:*:*:*:*:*:*:*
  • cpe:2.3:o:hp:hp-ux:10.20:*:*:*:*:*:*:*
    cpe:2.3:o:hp:hp-ux:10.20:*:*:*:*:*:*:*
  • cpe:2.3:o:hp:hp-ux:10.24:*:*:*:*:*:*:*
    cpe:2.3:o:hp:hp-ux:10.24:*:*:*:*:*:*:*
  • cpe:2.3:o:hp:hp-ux:10.26:*:*:*:*:*:*:*
    cpe:2.3:o:hp:hp-ux:10.26:*:*:*:*:*:*:*
  • cpe:2.3:o:hp:hp-ux:10.30:*:*:*:*:*:*:*
    cpe:2.3:o:hp:hp-ux:10.30:*:*:*:*:*:*:*
  • cpe:2.3:o:hp:hp-ux:10.34:*:*:*:*:*:*:*
    cpe:2.3:o:hp:hp-ux:10.34:*:*:*:*:*:*:*
  • cpe:2.3:o:hp:hp-ux:11.00:*:*:*:*:*:*:*
    cpe:2.3:o:hp:hp-ux:11.00:*:*:*:*:*:*:*
  • cpe:2.3:o:hp:hp-ux:11.04:*:*:*:*:*:*:*
    cpe:2.3:o:hp:hp-ux:11.04:*:*:*:*:*:*:*
  • cpe:2.3:o:hp:hp-ux:11.11:*:*:*:*:*:*:*
    cpe:2.3:o:hp:hp-ux:11.11:*:*:*:*:*:*:*
  • cpe:2.3:o:hp:hp-ux:11.20:*:*:*:*:*:*:*
    cpe:2.3:o:hp:hp-ux:11.20:*:*:*:*:*:*:*
  • cpe:2.3:o:hp:hp-ux:11.22:*:*:*:*:*:*:*
    cpe:2.3:o:hp:hp-ux:11.22:*:*:*:*:*:*:*
CVSS
Base: 7.2 (as of 11-10-2017 - 01:29)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:L/AC:L/Au:N/C:C/I:C/A:C
oval via4
accepted 2008-08-25T04:00:20.623-04:00
class vulnerability
contributors
name Michael Wood
organization Hewlett-Packard
description Buffer overflow in rexec on HP-UX B.10.20, B.11.00, and B.11.04, when setuid root, may allow local users to gain privileges via a long -l option.
family unix
id oval:org.mitre.oval:def:5611
status accepted
submitted 2008-07-10T16:22:36.000-04:00
title Potential buffer overflow in rexec(1)
version 35
refmap via4
bid 7459
bugtraq 20030429 HPUX rexec buffer overflow vulnerability
cert-vn VU#322540
ciac N-088
hp HPSBUX0304-257
xf hp-rexec-command-bo(11890)
Last major update 11-10-2017 - 01:29
Published 31-12-2003 - 05:00
Last modified 11-10-2017 - 01:29
Back to Top