CVE-2002-0991

HP CIFS/9000 Client <= A.01.06 - Local Buffer Overflow via Long Command Parameters

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2002-0991. PoCs published by watercloud, alt3kx.

AI-analyzed exploit summary This exploit targets a buffer overflow vulnerability in the cifslogin utility (CVE-2002-0991) on HP-UX systems. It constructs a malicious buffer with NOP sleds and shellcode to achieve root shell execution via command-line argument overflow.

Description

Buffer overflows in the cifslogin command for HP CIFS/9000 Client A.01.06 and earlier, based on the Sharity package, allows local users to gain root privileges via long (1) -U, (2) -D, (3) -P, (4) -S, (5) -N, or (6) -u parameters.

Exploits (2)

exploitdb WORKING POC VERIFIED

by watercloud · clocalhp-ux

https://www.exploit-db.com/exploits/21577

View Code ZIP pw:eip

This exploit targets a buffer overflow vulnerability in the cifslogin utility (CVE-2002-0991) on HP-UX systems. It constructs a malicious buffer with NOP sleds and shellcode to achieve root shell execution via command-line argument overflow.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: CIFS/9000 cifslogin utility on HP-UX 11.11, 11.0, 10.20

No auth needed

Prerequisites: Access to execute /opt/cifsclient/bin/cifslogin · HP-UX system with vulnerable cifslogin version

MITRE ATT&CK

T1203 - Exploitation for Client Execution T1068 - Exploitation for Privilege Escalation

devstral-2 · analyzed Feb 16, 2026 Full analysis →

nomisec WORKING POC

by alt3kx · poc

https://github.com/alt3kx/CVE-2002-0991

View Code ZIP pw:eip

This repository contains a functional exploit for CVE-2002-0991, a buffer overflow vulnerability in the cifslogin command for HP CIFS/9000 Client A.01.06 and earlier. The exploit leverages improper bounds checking in command-line arguments to execute arbitrary shellcode, potentially leading to root compromise.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: HP CIFS/9000 Client A.01.06 and earlier

No auth needed

Prerequisites: Access to the target system to execute the cifslogin command · HP CIFS/9000 Client A.01.06 or earlier installed

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 19, 2026 Full analysis →

References (4)

Core 4

Core References

Patch, Vendor Advisory vdb-entry x_refsource_xf

http://www.iss.net/security_center/static/9431.php

Third Party Advisory mailing-list x_refsource_bugtraq

http://archives.neohapsis.com/archives/bugtraq/2002-06/0300.html

Patch, Vendor Advisory vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/5088

Third Party Advisory vendor-advisory x_refsource_hp

http://archives.neohapsis.com/archives/hp/2002-q3/0016.html

Scores

EPSS 0.0241

EPSS Percentile 82.0%

Details

Status published

Products (2)

hp/cifs-9000_server a.01.05

hp/cifs-9000_server a.01.06

Published Oct 04, 2002

Tracked Since Feb 18, 2026