Vulnerability Name:

CVE-2001-0797 (CCN-7284)

Assigned:2001-10-16
Published:2001-10-16
Updated:2018-10-30
Summary:Buffer overflow in login in various System V based operating systems allows remote attackers to execute arbitrary commands via a large number of arguments through services such as telnet and rlogin.
CVSS v3 Severity:10.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Changed
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
CVSS v2 Severity:10.0 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
10.0 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
Vulnerability Type:CWE-Other
Vulnerability Consequences:Gain Access
References:Source: CCN
Type: IBM Efixes FTP site
Emergency fix ("efix") for tsmlogin

Source: CCN
Type: SGI Security Advisory 20011201-01-I
Buffer Overflow in System V Derived Login

Source: SGI
Type: UNKNOWN
20011201-01-I

Source: CALDERA
Type: UNKNOWN
CSSA-2001-SCO.40

Source: CCN
Type: Caldera International, Inc. Security Advisory CSSA-2001-SCO.40
OpenServer: /bin/login and /etc/getty argument buffer overflow

Source: CCN
Type: BugTraq Mailing List, Wed Dec 19 2001 - 17:04:59 CST
Linux distributions and /bin/login overflow

Source: CCN
Type: BugTraq Mailing List, Wed Oct 02 2002 - 11:13:09 CDT
Solaris 2.6, 7, 8

Source: MITRE
Type: CNA
CVE-2001-0797

Source: BUGTRAQ
Type: UNKNOWN
20011214 Sun Solaris login bug patches out

Source: CCN
Type: Sun Microsystems, Inc. Security Bulletin #00213
login

Source: SUN
Type: UNKNOWN
00213

Source: CCN
Type: Sun SunSolve Security Patches Web site
Recommended and Security Patches

Source: AIXAPAR
Type: UNKNOWN
IY26221

Source: CCN
Type: CERT Advisory CA-2001-34
Buffer Overflow in System V Derived Login

Source: CERT
Type: Patch, Third Party Advisory, US Government Resource
CA-2001-34

Source: CCN
Type: CIAC Information Bulletin M-031
Buffer Overflow in System V Derived Login

Source: CCN
Type: Cisco Systems Inc. Security Advisory, 2002 April 10 16:00 (UTC+0000)
Solaris /bin/login Vulnerability

Source: CCN
Type: Internet Security Systems Security Alert #105
Buffer Overflow in /bin/login

Source: CCN
Type: US-CERT VU#569272
System V derived login contains a remotely exploitable buffer overflow

Source: CERT-VN
Type: US Government Resource
VU#569272

Source: CCN
Type: OSVDB ID: 690
Unix SysV Telnet login Environment Remote Overflow

Source: CCN
Type: OSVDB ID: 691
Unix SysV Rlogin login Environment Remote Overflow

Source: BUGTRAQ
Type: Vendor Advisory
20011219 Linux distributions and /bin/login overflow

Source: BID
Type: Exploit, Patch, Vendor Advisory
3681

Source: CCN
Type: BID-3681
Multiple Vendor System V Derived 'login' Buffer Overflow Vulnerability

Source: CCN
Type: BID-5531
RETIRED: Solaris in.telnetd TTYPROMPT Buffer Overflow Vulnerability

Source: CCN
Type: BID-5848
Sun Solaris /bin/login Authentication Bypass Vulnerability

Source: ISS
Type: Patch, Vendor Advisory
20011212 Buffer Overflow in /bin/login

Source: XF
Type: UNKNOWN
telnet-tab-bo(7284)

Source: XF
Type: UNKNOWN
telnet-tab-bo(7284)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:2025

Vulnerable Configuration:Configuration 1:
  • cpe:/o:sgi:irix:3.2:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:3.3:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:3.3.1:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:3.3.2:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:3.3.3:*:*:*:*:*:*:*

    • Configuration 2:
  • cpe:/o:hp:hp-ux:10.00:*:*:*:*:*:*:*
  • OR cpe:/o:hp:hp-ux:10.01:*:*:*:*:*:*:*
  • OR cpe:/o:hp:hp-ux:10.10:*:*:*:*:*:*:*
  • OR cpe:/o:hp:hp-ux:10.20:*:*:*:*:*:*:*
  • OR cpe:/o:hp:hp-ux:10.24:*:*:*:*:*:*:*
  • OR cpe:/o:hp:hp-ux:11.00:*:*:*:*:*:*:*
  • OR cpe:/o:hp:hp-ux:11.0.4:*:*:*:*:*:*:*
  • OR cpe:/o:hp:hp-ux:11.11:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:aix:4.3:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:aix:4.3.1:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:aix:4.3.2:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:aix:4.3.3:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:aix:5.1:*:*:*:*:*:*:*
  • OR cpe:/o:sco:openserver:5.0:*:*:*:*:*:*:*
  • OR cpe:/o:sco:openserver:5.0.1:*:*:*:*:*:*:*
  • OR cpe:/o:sco:openserver:5.0.2:*:*:*:*:*:*:*
  • OR cpe:/o:sco:openserver:5.0.3:*:*:*:*:*:*:*
  • OR cpe:/o:sco:openserver:5.0.4:*:*:*:*:*:*:*
  • OR cpe:/o:sco:openserver:5.0.5:*:*:*:*:*:*:*
  • OR cpe:/o:sco:openserver:5.0.6:*:*:*:*:*:*:*
  • OR cpe:/o:sco:openserver:5.0.6a:*:*:*:*:*:*:*
  • OR cpe:/o:sun:solaris:2.4:*:x86:*:*:*:*:*
  • OR cpe:/o:sun:solaris:2.5:*:x86:*:*:*:*:*
  • OR cpe:/o:sun:solaris:2.5.1:*:ppc:*:*:*:*:*
  • OR cpe:/o:sun:solaris:2.5.1:*:x86:*:*:*:*:*
  • OR cpe:/o:sun:sunos:5.6:*:*:*:*:*:*:*
  • OR cpe:/o:sun:solaris:7.0:*:x86:*:*:*:*:*
  • OR cpe:/o:sun:solaris:8.0:*:x86:*:*:*:*:*
  • OR cpe:/o:sun:sunos:-:*:*:*:*:*:*:*
  • OR cpe:/o:sun:sunos:5.0:*:*:*:*:*:*:*
  • OR cpe:/o:sun:sunos:5.1:*:*:*:*:*:*:*
  • OR cpe:/o:sun:sunos:5.2:*:*:*:*:*:*:*
  • OR cpe:/o:sun:sunos:5.3:*:*:*:*:*:*:*
  • OR cpe:/o:sun:sunos:5.4:*:*:*:*:*:*:*
  • OR cpe:/o:sun:sunos:5.5:*:*:*:*:*:*:*
  • OR cpe:/o:sun:sunos:5.5.1:*:*:*:*:*:*:*
  • OR cpe:/o:sun:sunos:5.7:*:*:*:*:*:*:*
  • OR cpe:/o:sun:sunos:5.8:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/o:ibm:aix:*:*:*:*:*:*:*:*
  • OR cpe:/o:windriver:bsdos:*:*:*:*:*:*:*:*
  • OR cpe:/o:hp:hp-ux:*:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:*:*:*:*:*:*:*:*
  • OR cpe:/o:linux:linux_kernel:*:*:*:*:*:*:*:*
  • OR cpe:/o:sun:solaris:*:*:*:*:*:*:*:*
  • OR cpe:/a:data_general:dg_ux:*:*:*:*:*:*:*:*
  • OR cpe:/o:sco:unix:*:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:aix:4.3:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:aix:5.1:*:*:*:*:*:*:*
  • OR cpe:/o:compaq:tru64:*:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:ids:-:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:3.2:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:3.3:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:3.3.1:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:3.3.2:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:3.3.3:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.mitre.oval:def:2025
    V
    		System V login Buffer Overflow
    2005-02-23
    BACK
    sgi irix 3.2
    sgi irix 3.3
    sgi irix 3.3.1
    sgi irix 3.3.2
    sgi irix 3.3.3
    hp hp-ux 10.00
    hp hp-ux 10.01
    hp hp-ux 10.10
    hp hp-ux 10.20
    hp hp-ux 10.24
    hp hp-ux 11.00
    hp hp-ux 11.0.4
    hp hp-ux 11.11
    ibm aix 4.3
    ibm aix 4.3.1
    ibm aix 4.3.2
    ibm aix 4.3.3
    ibm aix 5.1
    sco openserver 5.0
    sco openserver 5.0.1
    sco openserver 5.0.2
    sco openserver 5.0.3
    sco openserver 5.0.4
    sco openserver 5.0.5
    sco openserver 5.0.6
    sco openserver 5.0.6a
    sun solaris 2.4
    sun solaris 2.5
    sun solaris 2.5.1
    sun solaris 2.5.1
    sun solaris 2.6
    sun solaris 7.0
    sun solaris 8.0
    sun sunos -
    sun sunos 5.0
    sun sunos 5.1
    sun sunos 5.2
    sun sunos 5.3
    sun sunos 5.4
    sun sunos 5.5
    sun sunos 5.5.1
    sun sunos 5.7
    sun sunos 5.8
    ibm aix *
    windriver bsdos *
    hp hp-ux *
    sgi irix *
    linux linux kernel *
    sun solaris *
    data_general dg ux *
    sco unix *
    ibm aix 4.3
    ibm aix 5.1
    compaq tru64 *
    cisco ids -
    sgi irix 3.2
    sgi irix 3.3
    sgi irix 3.3.1
    sgi irix 3.3.2
    sgi irix 3.3.3