Vulnerability Name:

CVE-2002-1606 (CCN-10016)

Assigned: 2002-08-30
Published: 2002-08-30
Updated: 2017-07-11
Summary: Multiple buffer overflows in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allow local users to gain privileges via (1) lpc, (2) lpd, (3) lpq, (4) lpr, or (5) lprm.
CVSS v3 Severity: 5.9 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
Exploitability Metrics: Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope: Scope (S): Unchanged
Impact Metrics: Confidentiality (C): Low
Integrity (I): Low
Availability (A): Low
CVSS v2 Severity: 4.6 Medium (CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P)
Exploitability Metrics: Access Vector (AV): Local
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics: Confidentiality (C): Partial
Integrity (I): Partial
Availability (A): Partial
4.6 Medium (CCN CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P)
Exploitability Metrics: Access Vector (AV): Local
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics: Confidentiality (C): Partial
Integrity (I): Partial
Availability (A): Partial
Vulnerability Type: CWE-Other
Vulnerability Consequences: Gain Privileges
References:
Source: CCN
Type: Strategic Reconnaissance Team Security Advisory (SRT2002-09)
Compaq Tru64 Unix Multiple Buffer Overflows

Source: CCN
Type: BugTraq Mailing List, Thu Sep 19 2002 - 15:44:43 CDT
Re: [Full-Disclosure] iDEFENSE Security Advisory 09.18.2002: Security Vulnerabilities in OSF1/Tru64 3.

Source: CCN
Type: BugTraq Mailing List, Thu Sep 19 2002 - 16:09:41 CDT
iDEFENSE OSF1/Tru64 3.x vuln clarification

Source: CCN
Type: Compaq SECURITY BULLETIN SRB0039W
HP Tru64 UNIX - Potential Buffer Overflows & SSRT2229 Potential Denial of Service

Source: MITRE
Type: CNA
CVE-2002-1604

Source: MITRE
Type: CNA
CVE-2002-1605

Source: MITRE
Type: CNA
CVE-2002-1606

Source: MITRE
Type: CNA
CVE-2002-1607

Source: MITRE
Type: CNA
CVE-2002-1608

Source: MITRE
Type: CNA
CVE-2002-1609

Source: MITRE
Type: CNA
CVE-2002-1611

Source: MITRE
Type: CNA
CVE-2002-1612

Source: MITRE
Type: CNA
CVE-2002-1613

Source: MITRE
Type: CNA
CVE-2002-1614

Source: MITRE
Type: CNA
CVE-2002-1615

Source: HP
Type: UNKNOWN
SSRT2260

Source: CCN
Type: CIAC Information Bulletin M-118
HP Tru64 Unix Multiple Vulnerabilities

Source: CCN
Type: CIAC Information Bulletin N-102
Hewlett-Packard Potential Security Vulnerabilities in CDE

Source: CCN
Type: US-CERT VU#115731
HP Tru64 UNIX quot contains buffer overflow (SSRT2191)

Source: CCN
Type: US-CERT VU#158499
HP Tru64 UNIX csh contains buffer overflow (SSRT2275)

Source: CCN
Type: US-CERT VU#173977
HP Tru64 UNIX ps contains buffer overflow (SSRT2256)

Source: CCN
Type: US-CERT VU#293305
HP Tru64 UNIX lprm contains buffer overflow (SSRT2260)

Source: CERT-VN
Type: Third Party Advisory, US Government Resource
VU#293305

Source: CCN
Type: US-CERT VU#408771
HP Tru64 UNIX mailcv contains buffer overflow (SSRT2193)

Source: CCN
Type: US-CERT VU#416427
HP Tru64 UNIX deliver contains buffer overflow (SSRT2275)

Source: CCN
Type: US-CERT VU#435611
HP Tru64 UNIX at contains buffer overflow (SSRT2189)

Source: CCN
Type: US-CERT VU#437899
HP Tru64 UNIX uux contains buffer overflow (SSRT2275)

Source: CCN
Type: US-CERT VU#448987
HP Tru64 UNIX uucp contains buffer overflow (SSRT2275)

Source: CCN
Type: US-CERT VU#506441
HP Tru64 UNIX .upd..loader contains buffer overflow (SSRT2275)

Source: CCN
Type: US-CERT VU#531355
HP Tru64 UNIX rdist contains buffer overflow (SSRT2275)

Source: CCN
Type: US-CERT VU#557481
HP Tru64 UNIX lpq contains buffer overflow (SSRT2275)

Source: CERT-VN
Type: Third Party Advisory, US Government Resource
VU#557481

Source: CCN
Type: US-CERT VU#567963
HP Tru64 UNIX imapd contains buffer overflow (SSRT2275)

Source: CCN
Type: US-CERT VU#584243
HP Tru64 UNIX dtsession contains buffer overflow (SSRT2282)

Source: CCN
Type: US-CERT VU#592515
HP Tru64 UNIX inc contains buffer overflow (SSRT2275)

Source: CCN
Type: US-CERT VU#602009
HP Tru64 UNIX binmail contains buffer overflow (SSRT0796U)

Source: CCN
Type: US-CERT VU#629289
HP Tru64 UNIX traceroute contains buffer overflow (SSRT2261)

Source: CCN
Type: US-CERT VU#651377
HP Tru64 UNIX "lpr" contains buffer overflow (SSRT2275)

Source: CERT-VN
Type: Third Party Advisory, US Government Resource
VU#651377

Source: CCN
Type: US-CERT VU#693803
HP Tru64 UNIX dxpause contains buffer overflow (SSRT2275)

Source: CCN
Type: US-CERT VU#706817
HP Tru64 UNIX ypmatch contains buffer overflow (SSRT2277)

Source: CCN
Type: US-CERT VU#846307
HP Tru64 UNIX dxsysinfo contains buffer overflow (SSRT2275)

Source: CCN
Type: US-CERT VU#955065
HP Tru64 UNIX lpd contains buffer overflow (SSRT2275)

Source: CERT-VN
Type: Third Party Advisory, US Government Resource
VU#955065

Source: CCN
Type: US-CERT VU#965097
HP Tru64 UNIX lpc contains buffer overflow (SSRT2260)

Source: CERT-VN
Type: Third Party Advisory, US Government Resource
VU#965097

Source: CCN
Type: OSVDB ID: 18176
HP Tru64 UNIX csh NLSPATH Environment Variable Local Overflow

Source: CCN
Type: OSVDB ID: 18177
HP Tru64 UNIX dtsession NLSPATH Environment Variable Local Overflow

Source: CCN
Type: OSVDB ID: 18178
HP Tru64 UNIX dxsysinfo NLSPATH Environment Variable Local Overflow

Source: CCN
Type: OSVDB ID: 18179
HP Tru64 UNIX imapd NLSPATH Environment Variable Local Overflow

Source: CCN
Type: OSVDB ID: 18180
HP Tru64 UNIX inc NLSPATH Environment Variable Local Overflow

Source: CCN
Type: OSVDB ID: 18181
HP Tru64 UNIX uucp NLSPATH Environment Variable Local Overflow

Source: CCN
Type: OSVDB ID: 18182
HP Tru64 UNIX uux NLSPATH Environment Variable Local Overflow

Source: CCN
Type: OSVDB ID: 18183
HP Tru64 UNIX rdist NLSPATH Environment Variable Local Overflow

Source: CCN
Type: OSVDB ID: 18184
HP Tru64 UNIX deliver NLSPATH Environment Variable Local Overflow

Source: CCN
Type: OSVDB ID: 18185
HP Tru64 UNIX dtsession _XKB_CHARSET Environment Variable Local Overflow

Source: CCN
Type: OSVDB ID: 18186
HP Tru64 UNIX dxconsole _XKB_CHARSET Environment Variable Local Overflow

Source: CCN
Type: OSVDB ID: 18187
HP Tru64 UNIX dxpause _XKB_CHARSET Environment Variable Local Overflow

Source: CCN
Type: OSVDB ID: 18188
HP Tru64 UNIX lpc Unspecified Local Overflow

Source: CCN
Type: OSVDB ID: 18189
HP Tru64 UNIX lpd Unspecified Local Overflow

Source: CCN
Type: OSVDB ID: 18190
HP Tru64 UNIX lpq Unspecified Local Overflow

Source: CCN
Type: OSVDB ID: 18191
HP Tru64 UNIX lpr Unspecified Local Overflow

Source: CCN
Type: OSVDB ID: 18192
HP Tru64 UNIX lprm Unspecified Local Overflow

Source: CCN
Type: OSVDB ID: 18193
HP Tru64 UNIX traceroute Local Overflow

Source: CCN
Type: OSVDB ID: 18194
HP Tru64 UNIX ypmatch Local Overflow

Source: CCN
Type: OSVDB ID: 18195
HP Tru64 UNIX ps Local Overflow

Source: CCN
Type: OSVDB ID: 18196
HP Tru64 UNIX mailcv Local Overflow

Source: CCN
Type: OSVDB ID: 18197
HP Tru64 UNIX quot Local Overflow

Source: CCN
Type: OSVDB ID: 18199
HP Tru64 UNIX binmail Local Overflow

Source: CCN
Type: OSVDB ID: 18200
HP Tru64 UNIX /usr/bin/at Local Overflow

Source: CCN
Type: OSVDB ID: 18201
HP Tru64 UNIX msgchk Local Overflow

Source: CCN
Type: OSVDB ID: 18202
HP Tru64 UNIX .upd..loader Local Overflow

Source: CCN
Type: BID-5599
HP Tru64 UNIX Multiple Local and Remote Buffer Overflow Vulnerabilities

Source: CCN
Type: BID-5647
HP Tru64 NLSPATH Environment Variable Local Buffer Overflow Vulnerability

Source: CCN
Type: BID-7720
CDE DTSession Unspecified Privilege Escalation Vulnerability

Source: XF
Type: UNKNOWN
tru64-multiple-binaries-bo(10016)

Source: CCN
Type: IBM Internet Security Systems X-Force Database
HP Tru64 UNIX /bin/su buffer overflow

Vulnerable Configuration:
Configuration 1:
  • cpe:/o:hp:hp-ux:10.20:*:*:*:*:*:*:*
  • OR cpe:/o:hp:hp-ux:11.00:*:*:*:*:*:*:*
  • OR cpe:/o:hp:hp-ux:11.04:*:*:*:*:*:*:*
  • OR cpe:/o:hp:hp-ux:11.11:*:*:*:*:*:*:*
  • OR cpe:/o:hp:hp-ux:11.22:*:*:*:*:*:*:*
  • OR cpe:/o:hp:tru64:4.0f:*:*:*:*:*:*:*
  • OR cpe:/o:hp:tru64:4.0g:*:*:*:*:*:*:*
  • OR cpe:/o:hp:tru64:5.0a:*:*:*:*:*:*:*
  • OR cpe:/o:hp:tru64:5.1:*:*:*:*:*:*:*
  • OR cpe:/o:hp:tru64:5.1a:*:*:*:*:*:*:*

Configuration CCN 1:
  • cpe:/o:hp:hp-ux:10.20:*:*:*:*:*:*:*
  • OR cpe:/o:compaq:tru64:4.0f:*:*:*:*:*:*:*
  • OR cpe:/o:compaq:tru64:4.0g:*:*:*:*:*:*:*
  • OR cpe:/o:compaq:tru64:5.0a:*:*:*:*:*:*:*
  • OR cpe:/o:compaq:tru64:5.1:*:*:*:*:*:*:*
  • OR cpe:/o:compaq:tru64:5.1a:*:*:*:*:*:*:*
  • AND
  • cpe:/o:hp:hp-ux:11.00:*:*:*:*:*:*:*
  • OR cpe:/o:hp:hp-ux:11.04:*:*:*:*:*:*:*
  • OR cpe:/o:hp:hp-ux:11.11:*:*:*:*:*:*:*
  • OR cpe:/o:hp:hp-ux:11.22:*:*:*:*:*:*:*
