Lucene search

MitreCVE-2003-0221

HistoryMay 12, 2003 - 4:00 a.m.

CVE-2003-0221

2003-05-1204:00:00

mitre

web.nvd.nist.gov

cve-2003-0221

hp tru64 unix

symlink attack

vulnerability

dupatch

setld

root privileges

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

AI Score

Confidence

Low

EPSS

Percentile

5.1%

JSON

The (1) dupatch and (2) setld utilities in HP Tru64 UNIX 5.1B PK1 and earlier allows local users to overwrite files and possibly gain root privileges via a symlink attack.

Affected configurations

Nvd

Node

hptru64Range≤5.1bpk1

VendorProductVersionCPE
hptru64*cpe:2.3:o:hp:tru64:*:pk1:*:*:*:*:*:*

Vendor	Product	Version	CPE
hp	tru64	*	cpe:2.3:o:hp:tru64::pk1::::::*

References

www.ciac.org/ciac/bulletins/n-086.shtml

www.securityfocus.com/bid/7452

exchange.xforce.ibmcloud.com/vulnerabilities/11892

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

AI Score

Confidence

Low

EPSS

Percentile

5.1%

JSON

Related for CVE-2003-0221