CVE-2002-1689Improper Restriction of Operations within the Bounds of a Memory Buffer in IBM AIX

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer5 documents5 sources
Severity
10.0CRITICALNVD
EPSS
1.4%
top 19.37%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM AIX
Timeline
PublishedDec 31
Latest updateApr 30

Description

Unknown vulnerability in the login program on AIX before 4.0 could allow remote users to specify 100 or more environment variables when logging on, which exceeds the length of a certain string, possibly triggering a buffer overflow.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

NVDibm/aix3.2.5

🔴Vulnerability Details

3
GHSA
GHSA-xqmh-wj7x-9rxf: Unknown vulnerability in the login program on AIX before 42022-04-30
CVEList
CVE-2002-1689: Unknown vulnerability in the login program on AIX before 42005-06-21
VulnCheck
AIX before 4.0 Buffer Overflow2002

📋Vendor Advisories

1
Cisco
Solaris /bin/login Vulnerability2002-04-10
CVE-2002-1689 — IBM AIX vulnerability | cvebase