CVE-2002-1616 – Tru64 5 - 'su' Env Local Stack Overflow
https://notcve.org/view.php?id=CVE-2002-1616
Multiple buffer overflows in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allow local users to gain root privileges via (1) su, (2) chsh, (3) passwd, (4) chfn, (5) dxchpwd, and (6) libc. • https://www.exploit-db.com/exploits/259 http://archives.neohapsis.com/archives/fulldisclosure/2002-q3/1203.html http://archives.neohapsis.com/archives/tru64/2002-q3/0019.html http://www.blacksheepnetworks.com/security/hack/tru64/TRU64_su.txt http://www.kb.cert.org/vuls/id/137555 http://www.kb.cert.org/vuls/id/177067 http://www.kb.cert.org/vuls/id/193347 http://www.kb.cert.org/vuls/id/671627 http://www.kb.cert.org/vuls/id/864083 http://www.securityfocu •
CVE-2002-0678
https://notcve.org/view.php?id=CVE-2002-0678
CDE ToolTalk database server (ttdbserver) allows local users to overwrite arbitrary files via a symlink attack on the transaction log file used by the _TT_TRANSACTION RPC procedure. El servidor de bases de datos CDE ToolTalk (ttdbserver) permite a usuarios locales sobreescribir ficheros arbitrarios mediante un ataque en enlaces simbólicos (symlink attack) en el fichero de registro (log) de transacciones usado por el procedimiento RPC _TT_TRANSACTION • ftp://ftp.caldera.com/pub/updates/OpenUNIX/CSSA-2002-SCO.28/CSSA-2002-SCO.28.txt ftp://patches.sgi.com/support/free/security/advisories/20021101-01-P http://archives.neohapsis.com/archives/aix/2002-q3/0002.html http://marc.info/?l=bugtraq&m=102635906423617&w=2 http://www.cert.org/advisories/CA-2002-20.html http://www.iss.net/security_center/static/9527.php http://www.kb.cert.org/vuls/id/299816 http://www.securityfocus.com/bid/5083 http://www1.itrc.hp •
CVE-2002-0677
https://notcve.org/view.php?id=CVE-2002-0677
CDE ToolTalk database server (ttdbserver) allows remote attackers to overwrite arbitrary memory locations with a zero, and possibly gain privileges, via a file descriptor argument in an AUTH_UNIX procedure call, which is used as a table index by the _TT_ISCLOSE procedure. El sevidor de bases de datos CDE ToolTalk (ttdbserver) permite a atacantes remotos sobrescribir posiciones arbitrarias de memoria con ceros, y posiblemente ganar privilegios, mediante un arguemnte de descriptor de fichero en una llamada al procedimiento AUTH_UNIX, que es usado como índice de tabla en el procedimiento _TT_ISCLOSE. • ftp://ftp.caldera.com/pub/updates/OpenUNIX/CSSA-2002-SCO.28/CSSA-2002-SCO.28.txt ftp://patches.sgi.com/support/free/security/advisories/20021102-02-P http://marc.info/?l=bugtraq&m=102635906423617&w=2 http://www.cert.org/advisories/CA-2002-20.html http://www.kb.cert.org/vuls/id/975403 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1099 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15 https:/ •
CVE-2001-1033
https://notcve.org/view.php?id=CVE-2001-1033
Compaq TruCluster 1.5 allows remote attackers to cause a denial of service via a port scan from a system that does not have a DNS PTR record, which causes the cluster to enter a "split-brain" state. • http://www.securityfocus.com/archive/1/216323 http://www.securityfocus.com/bid/3362 https://exchange.xforce.ibmcloud.com/vulnerabilities/7171 •
CVE-2000-1031
https://notcve.org/view.php?id=CVE-2000-1031
Buffer overflow in dtterm in HP-UX 11.0 and HP Tru64 UNIX 4.0f through 5.1a allows local users to execute arbitrary code via a long -tn option. • http://archives.neohapsis.com/archives/fulldisclosure/2002-q3/1203.html http://archives.neohapsis.com/archives/hp/2000-q4/0034.html http://wwss1pro.compaq.com/support/reference_library/viewdocument.asp?source=SRB0039W.xml&dt=11 http://www.kb.cert.org/vuls/id/320067 http://www.securityfocus.com/archive/1/290115 http://www.securityfocus.com/archive/1/75188 http://www.securityfocus.com/bid/1889 https://exchange.xforce.ibmcloud.com/vulnerabilities/5461 •