Lucene search

MitreCVE-2002-1618

HistoryMar 25, 2005 - 5:00 a.m.

CVE-2002-1618

2005-03-2505:00:00

mitre

web.nvd.nist.gov

jfs

hp-ux

filesystem

bypass

security vulnerability

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

AI Score

6.9

Confidence

Low

EPSS

0.001

Percentile

31.7%

JSON

JFS (JFS3.1 and OnlineJFS) in HP-UX 10.20, 11.00, and 11.04 does not properly implement the sticky bit functionality, which could allow attackers to bypass intended restrictions on filesystems.

Affected configurations

Nvd

Node

hpjfsMatch3.1

Node

hphp-uxMatch10.20

hphp-uxMatch11.00

hphp-uxMatch11.04

VendorProductVersionCPE
hpjfs3.1cpe:2.3:a:hp:jfs:3.1:*:*:*:*:*:*:*
hphp-ux10.20cpe:2.3:o:hp:hp-ux:10.20:*:*:*:*:*:*:*
hphp-ux11.00cpe:2.3:o:hp:hp-ux:11.00:*:*:*:*:*:*:*
hphp-ux11.04cpe:2.3:o:hp:hp-ux:11.04:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
hp	jfs	3.1	cpe:2.3:a:hp:jfs:3.1:::::::*
hp	hp-ux	10.20	cpe:2.3:o:hp:hp-ux:10.20:::::::*
hp	hp-ux	11.00	cpe:2.3:o:hp:hp-ux:11.00:::::::*
hp	hp-ux	11.04	cpe:2.3:o:hp:hp-ux:11.04:::::::*

References

www.kb.cert.org/vuls/id/248337

www.securityfocus.com/advisories/4569

www.securityfocus.com/bid/5979

exchange.xforce.ibmcloud.com/vulnerabilities/10399

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5700

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

AI Score

6.9

Confidence

Low

EPSS

0.001

Percentile

31.7%

JSON

Related for CVE-2002-1618