CVE-2002-1618 — HP Hp-ux vulnerability

3 documents3 sources

Severity

7.2HIGHNVD

EPSS

0.2%

top 59.11%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

HP Hp-ux HP JFS

Timeline

PublishedOct 16

Latest updateApr 30

Description

JFS (JFS3.1 and OnlineJFS) in HP-UX 10.20, 11.00, and 11.04 does not properly implement the sticky bit functionality, which could allow attackers to bypass intended restrictions on filesystems.

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages2 packages

▶NVDhp/jfs3.1

▶NVDhp/hp-ux10.20, 11.00, 11.04+2

Patches

Patch: www.kb.cert.org ↗Patch: www.securityfocus.com ↗Patch: www.securityfocus.com ↗

🔴Vulnerability Details

GHSA

GHSA-r74c-v46j-w38f: JFS (JFS3↗2022-04-30

▶

CVEList

CVE-2002-1618: JFS (JFS3↗2005-03-25

▶