Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2001-0979 — Authentication Bypass by Primary Weakness in HP Hp-ux

Severity

7.2HIGHNVD

EPSS

0.2%

top 61.79%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Timeline

PublishedSep 3

Latest updateApr 30

Description

Buffer overflow in swverify in HP-UX 11.0, and possibly other programs, allows local users to gain privileges via a long command line argument.

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

▶NVDhp/hp-ux4 versions+3

GHSA

GHSA-376m-3h9j-6rv5: Buffer overflow in swverify in HP-UX 11↗2022-04-30

▶

CVEList

CVE-2001-0979: Buffer overflow in swverify in HP-UX 11↗2002-02-02

▶

Exploit-DB

HP-UX 11.0/11.11 - 'swxxx' Privilege Escalation↗2002-12-11

▶

Exploit-DB

HP-UX 11.0 - SWVerify Buffer Overflow↗2001-09-03

▶

CWE

Authentication Bypass by Primary Weakness↗

▶