CVE-2003-0333

HP-UX 10.20 and 11.00 - Local Privilege Escalation via Kermit Long Arguments

Title source: llm

Description

Multiple buffer overflows in kermit in HP-UX 10.20 and 11.00 (C-Kermit 6.0.192 and possibly other versions before 8.0) allow local users to gain privileges via long arguments to (1) ask, (2) askq, (3) define, (4) assign, and (5) getc, some of which may share the same underlying function "doask," a different vulnerability than CVE-2001-0085.

References (6)

Core 6

Core References

Vendor Advisory vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/7627

Mailing List mailing-list x_refsource_bugtraq

http://marc.info/?l=bugtraq&m=105190667523456&w=2

Mailing List mailing-list x_refsource_bugtraq

http://marc.info/?l=bugtraq&m=105189670912220&w=2

Third Party Advisory vendor-advisory x_refsource_hp

http://archives.neohapsis.com/archives/hp/current/0044.html

Third Party Advisory, US Government Resource third-party-advisory x_refsource_cert-vn

http://www.kb.cert.org/vuls/id/971364

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/11929

Scores

EPSS 0.0021

EPSS Percentile 42.5%

Details

Status published

Products (2)

hp/hp-ux 10.20

hp/hp-ux 11.00

Published May 19, 2003

Tracked Since Feb 18, 2026