CVE-2002-1617

Name of the Vulnerable Software and Affected Versions HP Tru64 UNIX versions 5.x

Description The issue allows local users to execute arbitrary code due to multiple buffer overflows. This can be achieved through various means, including a long -contextDir argument to dtaction, a long -p argument to dtprintinfo, a long -customization argument to dxterm, or a long DISPLAY environment variable to dtterm.

Recommendations For HP Tru64 UNIX version 5.x, consider disabling the dtaction, dtprintinfo, dxterm, and dtterm functions until a patch is available to prevent exploitation. Restrict access to these functions to minimize the risk of arbitrary code execution. Avoid using long arguments for -contextDir, -p, and -customization, as well as long DISPLAY environment variables, in the affected applications.