| Vulnerability Name: | CVE-2000-1031 (CCN-5461) | ||||||||
| Assigned: | 2000-11-01 | ||||||||
| Published: | 2000-11-01 | ||||||||
| Updated: | 2018-05-03 | ||||||||
| Summary: | Buffer overflow in dtterm in HP-UX 11.0 and HP Tru64 UNIX 4.0f through 5.1a allows local users to execute arbitrary code via a long -tn option. | ||||||||
| CVSS v3 Severity: | 5.9 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
| ||||||||
| CVSS v2 Severity: | 4.6 Medium (CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P)
| ||||||||
| Vulnerability Type: | CWE-Other | ||||||||
| Vulnerability Consequences: | Gain Privileges | ||||||||
| References: | Source: CCN Type: SGI Security Advisory 20011107-01-P CDE vulnerabilities Source: CCN Type: BugTraq Mailing List, Wed Aug 09 2000 - 23:36:50 CDT Re: Possible vulnerability in HPUX ( Add vulnerability List ) Source: FULLDISC Type: UNKNOWN 20020919 iDEFENSE OSF1/Tru64 3.x vuln clarification Source: HP Type: Patch, Vendor Advisory HPSBUX0011-128 Source: MITRE Type: CNA CVE-2000-1031 Source: CCN Type: Hewlett-Packard Company Security Bulletin HPSBUX0011-128 Sec. Vulnerability in dtterm Source: HP Type: UNKNOWN SSRT2275 Source: CCN Type: CIAC Information Bulletin L-017 HP-UX dtterm misuse Source: CCN Type: US-CERT VU#320067 HP Tru64 UNIX dtterm contains buffer overflow (SSRT2280) Source: CERT-VN Type: US Government Resource VU#320067 Source: CCN Type: OSVDB ID: 1631 CDE dtterm Terminal Name (-tn Option) Local Overflow Source: BUGTRAQ Type: UNKNOWN 20020902 Happy Labor Day from Snosoft Source: BUGTRAQ Type: UNKNOWN 20000810 Re: Possible vulnerability in HPUX ( Add vulnerability List ) Source: BID Type: Patch, Vendor Advisory 1889 Source: CCN Type: BID-1889 CDE DTTerm Terminal Name Buffer Overflow Vulnerability Source: XF Type: UNKNOWN hp-dtterm(5461) Source: XF Type: UNKNOWN hp-dtterm(5461) | ||||||||
| Vulnerable Configuration: | Configuration 1: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||
| BACK | |||||||||