PT-2003-2305 · Hewlett Packard · Hp-Ux
Published
2003-12-31
·
Updated
2017-07-29
·
CVE-2003-1360
CVSS v2.0
7.2
High
| Vector | AV:L/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
HP-UX versions 10.0 through 10.34
Description
A buffer overflow issue exists in the setupterm function of the lanadmin and landiag programs, allowing local users to execute arbitrary code via a long TERM environment variable.
Recommendations
For HP-UX versions 10.0 through 10.34, consider restricting access to the lanadmin and landiag programs until a fix is available, and avoid using long TERM environment variables to minimize the risk of exploitation.
Fix
Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Hp-Ux