Vulnerability Name:

CVE-2002-0093 (CCN-9613)

Assigned:2002-07-16
Published:2002-07-16
Updated:2011-03-08
Summary:Buffer overflow in ipcs for HP Tru64 UNIX 4.0f through 5.1a may allow attackers to execute arbitrary code, a different vulnerability than CVE-2001-0423.
CVSS v3 Severity:9.3 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Changed
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
CVSS v2 Severity:7.2 High (CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
7.2 High (CCN CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
Vulnerability Type:CWE-Other
Vulnerability Consequences:Gain Privileges
References:Source: HP
Type: UNKNOWN
SSRT0794U

Source: CCN
Type: Compaq SECURITY BULLETIN SRB0039W
HP Tru64 UNIX - Potential Buffer Overflows & SSRT2229 Potential Denial of Service

Source: MITRE
Type: CNA
CVE-2002-0093

Source: CCN
Type: HP Tru64 UNIX SECURITY BULLETIN SSRT0794U
HP Tru64 UNIX Potential Overflow in /usr/bin/ipcs

Source: XF
Type: Patch, Vendor Advisory
tru64-ipcs-bo(9613)

Source: CCN
Type: US-CERT VU#771155
HP Tru64 UNIX ipcs contains buffer overflow (SSRT0794U)

Source: CERT-VN
Type: US Government Resource
VU#771155

Source: BID
Type: Patch, Vendor Advisory
5241

Source: CCN
Type: BID-5241
Tru64 IPCS Buffer Overflow Vulnerability

Source: XF
Type: UNKNOWN
tru64-ipcs-bo(9613)

Vulnerable Configuration:Configuration 1:
  • cpe:/o:compaq:tru64:4.0f:*:*:*:*:*:*:*
  • OR cpe:/o:compaq:tru64:4.0g:*:*:*:*:*:*:*
  • OR cpe:/o:compaq:tru64:5.0a:*:*:*:*:*:*:*
  • OR cpe:/o:compaq:tru64:5.1:*:*:*:*:*:*:*
  • OR cpe:/o:compaq:tru64:5.1a:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/o:compaq:tru64:4.0f:*:*:*:*:*:*:*
  • OR cpe:/o:compaq:tru64:4.0g:*:*:*:*:*:*:*
  • OR cpe:/o:compaq:tru64:5.0a:*:*:*:*:*:*:*
  • OR cpe:/o:compaq:tru64:5.1:*:*:*:*:*:*:*
  • OR cpe:/o:compaq:tru64:5.1a:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    compaq tru64 4.0f
    compaq tru64 4.0g
    compaq tru64 5.0a
    compaq tru64 5.1
    compaq tru64 5.1a
    compaq tru64 4.0f
    compaq tru64 4.0g
    compaq tru64 5.0a
    compaq tru64 5.1
    compaq tru64 5.1a