CVE-2002-1605: Buffer Overflow
First published: Mon Sep 02 2002(Updated: )
Buffer overflow in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows attackers to execute arbitrary code via a long _XKB_CHARSET environment variable to (1) dxpause, (2) dxconsole, or (3) dtsession.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Compaq Tru64 | =4.0g | |
| Compaq Tru64 | =5.0a | |
| Compaq Tru64 | =4.0f | |
| HPE HP-UX | =11.11 | |
| Compaq Tru64 | =5.1a | |
| HPE HP-UX | =11.04 | |
| HPE HP-UX | =11.00 | |
| Compaq Tru64 | =5.1 | |
| HPE HP-UX | =11.22 | |
| HPE HP-UX | =10.20 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.securityfocus.com/archive/1/290115
- http://www.blacksheepnetworks.com/security/hack/tru64/TRU64_xkb.txt
- http://www.kb.cert.org/vuls/id/693803
- http://www.kb.cert.org/vuls/id/569987
- http://www.kb.cert.org/vuls/id/584243
- http://wwss1pro.compaq.com/support/reference_library/viewdocument.asp?source=SRB0039W.xml&dt=11
- http://archives.neohapsis.com/archives/fulldisclosure/2002-q3/1203.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/10016
Frequently Asked Questions
What is the severity of CVE-2002-1605?
CVE-2002-1605 is classified as a high severity vulnerability due to its potential to allow attackers to execute arbitrary code.
How do I fix CVE-2002-1605?
To fix CVE-2002-1605, update your affected HP Tru64 UNIX or HP-UX systems to the latest patches provided by HP.
Which versions of HP Tru64 UNIX are affected by CVE-2002-1605?
CVE-2002-1605 affects HP Tru64 UNIX versions 4.0f, 4.0g, 5.0a, 5.1, and 5.1a.
Can CVE-2002-1605 affect HP-UX systems?
Yes, CVE-2002-1605 can affect certain versions of HP-UX systems, specifically 10.20, 11.00, 11.04, 11.11, and 11.22.
What kind of attack does CVE-2002-1605 enable?
CVE-2002-1605 enables attackers to execute arbitrary code by exploiting a buffer overflow caused by a long _XKB_CHARSET environment variable.
- agent/references
- agent/type
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/author
- agent/weakness
- agent/severity
- agent/description
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/hp
- canonical/compaq tru64
- version/compaq tru64/4.0g
- version/compaq tru64/5.0a
- version/compaq tru64/4.0f
- canonical/hpe hp-ux
- version/hpe hp-ux/11.11
- version/compaq tru64/5.1a
- version/hpe hp-ux/11.04
- version/hpe hp-ux/11.00
- version/compaq tru64/5.1
- version/hpe hp-ux/11.22
- version/hpe hp-ux/10.20