PT-2003-2305 · Hewlett Packard · Hp-Ux
Publicado
2003-12-31
·
Atualizado
2017-07-29
·
CVE-2003-1360
CVSS v2.0
7.2
Alta
| Vetor | AV:L/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
HP-UX versions 10.0 through 10.34
Description
A buffer overflow issue exists in the setupterm function of the lanadmin and landiag programs, allowing local users to execute arbitrary code via a long TERM environment variable.
Recommendations
For HP-UX versions 10.0 through 10.34, consider restricting access to the lanadmin and landiag programs until a fix is available, and avoid using long TERM environment variables to minimize the risk of exploitation.
Correção
Buffer Overflow
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Hp-Ux