| Vulnerability Name: | CVE-2002-2002 (CCN-8863) | ||||||||
| Assigned: | 2002-04-17 | ||||||||
| Published: | 2002-04-17 | ||||||||
| Updated: | 2011-03-08 | ||||||||
| Summary: | Buffer overflow in libc in Compaq Tru64 4.0F, 5.0, 5.1 and 5.1A allows attackers to execute arbitrary code via long (1) LANG and (2) LOCPATH environment variables. | ||||||||
| CVSS v3 Severity: | 7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
| ||||||||
| CVSS v2 Severity: | 7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
| ||||||||
| Vulnerability Type: | CWE-Other | ||||||||
| Vulnerability Consequences: | Gain Privileges | ||||||||
| References: | Source: BUGTRAQ Type: Patch, Vendor Advisory 20020417 [SNS Advisory No.51] Compaq Tru64 UNIX libc Buffer Overflow Vulnerability Source: MITRE Type: CNA CVE-2002-2002 Source: CCN Type: Compaq SECURITY BULLETIN (SSRT-541) Tru64 UNIX CDE, NFS and NIS related Source: COMPAQ Type: UNKNOWN SSRT541 Source: XF Type: Patch libc-lang-locpath-bo(8863) Source: CCN Type: SNS Advisory No.51 Compaq Tru64 UNIX libc Buffer Overflow Vulnerability Source: MISC Type: UNKNOWN http://www.lac.co.jp/security/english/snsadv_e/51_e.html Source: CCN Type: OSVDB ID: 60011 Compaq Tru64 libc Multiple Environment Variable Local Overflow Source: BID Type: Patch 4544 Source: CCN Type: BID-4544 Compaq Tru64 C Library Buffer Overflow Vulnerability Source: XF Type: UNKNOWN libc-lang-locpath-bo(8863) | ||||||||
| Vulnerable Configuration: | Configuration 1: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||
| BACK | |||||||||