Vulnerability CVE-2002-0991


Published: 2002-10-04   Modified: 2012-02-12

Description:
Buffer overflows in the cifslogin command for HP CIFS/9000 Client A.01.06 and earlier, based on the Sharity package, allows local users to gain root privileges via long (1) -U, (2) -D, (3) -P, (4) -S, (5) -N, or (6) -u parameters.

CVSS2 => (AV:L/AC:L/Au:N/C:C/I:C/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.2/10
10/10
3.9/10
Exploit range
Attack complexity
Authentication
Local
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Complete
Complete
Complete
Affected software
HP -> Cifs-9000 server 

 References:
http://www.securityfocus.com/bid/5088
http://www.iss.net/security_center/static/9431.php
http://archives.neohapsis.com/archives/hp/2002-q3/0016.html
http://archives.neohapsis.com/archives/bugtraq/2002-06/0300.html

Copyright 2020, cxsecurity.com

 

Back to Top