CVE-2003-0333

Name of the Vulnerable Software and Affected Versions: C-Kermit versions 6.0.192 and earlier

Description: The issue is related to multiple buffer overflows in the kermit software, specifically in HP-UX versions 10.20 and 11.00, which can be exploited by local users to gain privileges. This is achieved by providing long arguments to certain functions, including ask, askq, define, assign, and getc. Some of these functions may share the same underlying function doask.

Recommendations: For C-Kermit versions 6.0.192 and earlier, consider updating to version 8.0 or later to resolve the issue. As a temporary workaround, restrict the use of the ask, askq, define, assign, and getc functions to minimize the risk of exploitation. Additionally, be cautious when providing arguments to these functions to avoid triggering the buffer overflow.