FKIE_CVE-2002-1616

Vulnerability from fkie_nvd - Published: 2002-08-01 04:00 - Updated: 2025-04-03 01:03
Severity ?
Summary
Multiple buffer overflows in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allow local users to gain root privileges via (1) su, (2) chsh, (3) passwd, (4) chfn, (5) dxchpwd, and (6) libc.
References
cve@mitre.orghttp://archives.neohapsis.com/archives/fulldisclosure/2002-q3/1203.html
cve@mitre.orghttp://archives.neohapsis.com/archives/fulldisclosure/2002-q3/1203.html
cve@mitre.orghttp://archives.neohapsis.com/archives/tru64/2002-q3/0019.html
cve@mitre.orghttp://www.blacksheepnetworks.com/security/hack/tru64/TRU64_su.txtExploit
cve@mitre.orghttp://www.kb.cert.org/vuls/id/137555Third Party Advisory, US Government Resource
cve@mitre.orghttp://www.kb.cert.org/vuls/id/177067Third Party Advisory, US Government Resource
cve@mitre.orghttp://www.kb.cert.org/vuls/id/193347Patch, US Government Resource
cve@mitre.orghttp://www.kb.cert.org/vuls/id/671627Third Party Advisory, US Government Resource
cve@mitre.orghttp://www.kb.cert.org/vuls/id/864083US Government Resource
cve@mitre.orghttp://www.securityfocus.com/archive/1/290115Vendor Advisory
cve@mitre.orghttp://www.securityfocus.com/bid/5379Vendor Advisory
cve@mitre.orghttp://www.securityfocus.com/bid/5380Patch
cve@mitre.orghttp://www.securityfocus.com/bid/5381Patch
cve@mitre.orghttp://www.securityfocus.com/bid/5382Patch
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/10614
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/11620
af854a3a-2127-422b-91ae-364da2661108http://archives.neohapsis.com/archives/fulldisclosure/2002-q3/1203.html
af854a3a-2127-422b-91ae-364da2661108http://archives.neohapsis.com/archives/fulldisclosure/2002-q3/1203.html
af854a3a-2127-422b-91ae-364da2661108http://archives.neohapsis.com/archives/tru64/2002-q3/0019.html
af854a3a-2127-422b-91ae-364da2661108http://www.blacksheepnetworks.com/security/hack/tru64/TRU64_su.txtExploit
af854a3a-2127-422b-91ae-364da2661108http://www.kb.cert.org/vuls/id/137555Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.kb.cert.org/vuls/id/177067Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.kb.cert.org/vuls/id/193347Patch, US Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.kb.cert.org/vuls/id/671627Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.kb.cert.org/vuls/id/864083US Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/290115Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/5379Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/5380Patch
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/5381Patch
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/5382Patch
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/10614
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/11620
Impacted products
Vendor Product Version
hp tru64 4.0f
hp tru64 4.0g
hp tru64 5.0a
hp tru64 5.1
hp tru64 5.1af
To clipboard Create KEV Entry 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:hp:tru64:4.0f:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E8BA552-394A-4E06-8CAD-24A2F542FD91",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:hp:tru64:4.0g:*:*:*:*:*:*:*",
              "matchCriteriaId": "E43FAAEF-B0DD-466F-A74E-43CBA4CCF7E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:hp:tru64:5.0a:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3F90BA0-45D4-4089-BFBC-69FD1DB10C5D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:hp:tru64:5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5840611-A108-48EE-9D5A-4B6DA0621FF4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:hp:tru64:5.1af:*:*:*:*:*:*:*",
              "matchCriteriaId": "1839F0EE-84D7-4055-A044-5AB5E350225E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple buffer overflows in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allow local users to gain root privileges via (1) su, (2) chsh, (3) passwd, (4) chfn, (5) dxchpwd, and (6) libc."
    }
  ],
  "id": "CVE-2002-1616",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.2,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2002-08-01T04:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://archives.neohapsis.com/archives/fulldisclosure/2002-q3/1203.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://archives.neohapsis.com/archives/fulldisclosure/2002-q3/1203.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://archives.neohapsis.com/archives/tru64/2002-q3/0019.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.blacksheepnetworks.com/security/hack/tru64/TRU64_su.txt"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/137555"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/177067"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/193347"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/671627"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/864083"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/archive/1/290115"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/5379"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/5380"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/5381"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/5382"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10614"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11620"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://archives.neohapsis.com/archives/fulldisclosure/2002-q3/1203.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://archives.neohapsis.com/archives/fulldisclosure/2002-q3/1203.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://archives.neohapsis.com/archives/tru64/2002-q3/0019.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.blacksheepnetworks.com/security/hack/tru64/TRU64_su.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/137555"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/177067"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/193347"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/671627"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/864083"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/archive/1/290115"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/5379"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/5380"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/5381"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/5382"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10614"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11620"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.