Description
Multiple buffer overflows in HP Tru64 UNIX 5.x allow local users to execute arbitrary code via (1) a long -contextDir argument to dtaction, (2) a long -p argument to dtprintinfo, (3) a long -customization argument to dxterm, or (4) a long DISPLAY environment variable to dtterm.
References (10)
Core 10
Core References
Third Party Advisory mailing-list
x_refsource_fulldisc
http://archives.neohapsis.com/archives/fulldisclosure/2002-q3/1203.html
US Government Resource third-party-advisory
x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/931579
US Government Resource third-party-advisory
x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/836275
US Government Resource third-party-advisory
x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/202939
Vendor Advisory mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/290115
US Government Resource third-party-advisory
x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/600699
Exploit x_refsource_misc
http://www.blacksheepnetworks.com/security/hack/tru64/TRU64_dtterm.txt
Exploit x_refsource_misc
http://www.blacksheepnetworks.com/security/hack/tru64/TRU64_dtprintinfo.txt
Exploit x_refsource_misc
http://www.blacksheepnetworks.com/security/hack/tru64/TRU64_dxterm.txt
Exploit x_refsource_misc
http://www.blacksheepnetworks.com/security/hack/tru64/TRU64_dtaction.txt
Scores
EPSS
0.0025
EPSS Percentile
48.0%
Details
Status
published
Products (1)
hp/tru64
5.1b_pk2_bl22
Published
Dec 31, 2002
Tracked Since
Feb 18, 2026