| Vulnerability Name: | CVE-2003-0333 (CCN-11929) | ||||||||
| Assigned: | 2003-05-02 | ||||||||
| Published: | 2003-05-02 | ||||||||
| Updated: | 2017-07-11 | ||||||||
| Summary: | Multiple buffer overflows in kermit in HP-UX 10.20 and 11.00 (C-Kermit 6.0.192 and possibly other versions before 8.0) allow local users to gain privileges via long arguments to (1) ask, (2) askq, (3) define, (4) assign, and (5) getc, some of which may share the same underlying function "doask," a different vulnerability than CVE-2001-0085. | ||||||||
| CVSS v3 Severity: | 9.3 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
| ||||||||
| CVSS v2 Severity: | 7.2 High (CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C)
| ||||||||
| Vulnerability Type: | CWE-Other | ||||||||
| Vulnerability Consequences: | Gain Privileges | ||||||||
| References: | Source: CCN Type: BugTraq Mailing List, Fri May 02 2003 - 11:49:03 CDT HP-UX 11.0 /usr/bin/kermit Source: CCN Type: BugTraq Mailing List, Fri May 02 2003 - 14:11:53 CDT Re: from bugtraq: HP-UX 11.0 /usr/bin/kermit (fwd) Source: CCN Type: BugTraq Mailing List, Mon May 05 2003 - 06:23:26 CDT kermit buffer overflow on hp-ux Source: HP Type: UNKNOWN HPSBUX0305-259 Source: MITRE Type: CNA CVE-2003-0333 Source: BUGTRAQ Type: UNKNOWN 20030502 HP-UX 11.0 /usr/bin/kermit Source: BUGTRAQ Type: UNKNOWN 20030502 Re: from bugtraq: HP-UX 11.0 /usr/bin/kermit (fwd) Source: CCN Type: US-CERT VU#971364 HP-UX kermit vulnerable to buffer overflow Source: CERT-VN Type: Third Party Advisory, US Government Resource VU#971364 Source: BID Type: Vendor Advisory 7627 Source: CCN Type: BID-7627 HP-UX Kermit Unspecified Privilege Escalation Vulnerability Source: XF Type: UNKNOWN hp-ckermit-bo(11929) Source: XF Type: UNKNOWN hp-ckermit-bo(11929) | ||||||||
| Vulnerable Configuration: | Configuration 1: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||
| BACK | |||||||||