Vulnerability Name: | CVE-2002-0991 (CCN-9431) | ||||||||
Assigned: | 2002-06-24 | ||||||||
Published: | 2002-06-24 | ||||||||
Updated: | 2008-09-05 | ||||||||
Summary: | Buffer overflows in the cifslogin command for HP CIFS/9000 Client A.01.06 and earlier, based on the Sharity package, allows local users to gain root privileges via long (1) -U, (2) -D, (3) -P, (4) -S, (5) -N, or (6) -u parameters. | ||||||||
CVSS v3 Severity: | 9.3 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
| ||||||||
CVSS v2 Severity: | 7.2 High (CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C)
| ||||||||
Vulnerability Type: | CWE-Other | ||||||||
Vulnerability Consequences: | Gain Privileges | ||||||||
References: | Source: BUGTRAQ Type: UNKNOWN 20020624 Sharity Cifslogin Buffer Overflow (arguments) Source: CCN Type: BugTraq Mailing List, Mon Jun 24 2002 - 07:19:52 CDT Sharity Cifslogin Buffer Overflow (arguments) Source: CCN Type: Hewlett-Packard Company Security Bulletin HPSBUX0207-200 Sec. Vulnerability in CIFS/9000 Source: HP Type: UNKNOWN HPSBUX0207-200 Source: MITRE Type: CNA CVE-2002-0991 Source: XF Type: Patch, Vendor Advisory hp-cifs-login-bo(9431) Source: CCN Type: OSVDB ID: 11362 HP CIFS/9000 cifslogin Multiple Parameter Overflow Source: BID Type: Patch, Vendor Advisory 5088 Source: CCN Type: BID-5088 HP CIFSLogin Buffer Overflow Vulnerability Source: XF Type: UNKNOWN hp-cifs-login-bo(9431) | ||||||||
Vulnerable Configuration: | Configuration 1: Configuration CCN 1: Denotes that component is vulnerable | ||||||||
BACK |