Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2002-1605

4 documents4 sources
Severity
7.5HIGH
EPSS
44.0%
top 2.46%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
2
HP Hp-uxHP Tru64
Timeline
PublishedSep 2
Latest updateApr 30

Description

Buffer overflow in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows attackers to execute arbitrary code via a long _XKB_CHARSET environment variable to (1) dxpause, (2) dxconsole, or (3) dtsession.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages2 packages

NVDhp/tru645 versions+4
NVDhp/hp-ux5 versions+4

🔴Vulnerability Details

2
GHSA
GHSA-6f2r-hwc2-w45w: Buffer overflow in HP Tru64 UNIX 52022-04-30
CVEList
CVE-2002-1605: Buffer overflow in HP Tru64 UNIX 52005-03-25

💥Exploits & PoCs

1
Exploit-DB
HP Tru64 4.0/5.0/5.1 - _XKB_CHARSET Local Buffer Overflow2002-07-10
CVE-2002-1605 (HIGH CVSS 7.5) | Buffer overflow in HP Tru64 UNIX 5. | cvebase.io