Published: 31/12/2003 Updated: 11/10/2017

CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9

VMScore: 725

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Buffer overflow in rexec on HP-UX B.10.20, B.11.00, and B.11.04, when setuid root, may allow local users to gain privileges via a long -l option.

Vulnerable Product	Search on Vulmon	Subscribe to Product
hp hp-ux 10.30
hp hp-ux 10.34
hp hp-ux 10.20
hp hp-ux 10.24
hp hp-ux 10.26
hp hp-ux 11.22
hp hp-ux 11.00
hp hp-ux 11.04
hp hp-ux 10.10
hp hp-ux 10.16
hp hp-ux 11.11
hp hp-ux 11.20

source: wwwsecurityfocuscom/bid/7459/info It has been reported that a problem in the rexec program included with some versions of HP-UX may be vulnerable to a boundary condition error It may be possible for a local user to exploit this vulnerability to gain elevated privileges on the system exec 127001 -l `perl -e 'printf "A" x 977 ...

NVD-CWE-Other http://archives.neohapsis.com/archives/bugtraq/2003-04/0374.html http://www.kb.cert.org/vuls/id/CRDY-5MJKM4 http://www.kb.cert.org/vuls/id/322540 http://www.ciac.org/ciac/bulletins/n-088.shtml http://www.securityfocus.com/bid/7459 https://exchange.xforce.ibmcloud.com/vulnerabilities/11890 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5611 https://nvd.nist.gov https://www.exploit-db.com/exploits/22552/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2003-1097

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect