CVE-2002-2002

CWE-119 Buffer Overflow | 51 documents | 11 sources
Severity: 7.5 HIGH
EPSS: 1.5% (top 18.89%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Dec 31 | Latest update Apr 30

Description

Buffer overflow in libc in Compaq Tru64 4.0F, 5.0, 5.1 and 5.1A allows attackers to execute arbitrary code via long (1) LANG and (2) LOCPATH environment variables.

CVSS vector

AV:N/AC:L/C:P/I:P/A:P
Exploitability: 10.0 | Impact: 6.4

Affected Packages (1 package)

NVD | compaq/tru64 | 4 versions (+3)

Patches

🔴 Vulnerability Details (3)

GHSA | GHSA-2q29-9457-5vhh: Buffer overflow in libc in Compaq Tru64 4 | 2022-04-30
GHSA | Apache Tomcat DoS via Malicious Get Request | 2022-04-30
CVEList | CVE-2002-2002: Buffer overflow in libc in Compaq Tru64 4 | 2005-07-14

💥 Exploits & PoCs (26)

Exploit-DB | FTPShell Client 5.24 - 'Create NewFolder' Local Buffer Overflow | 2016-02-04
Exploit-DB | Microsoft Excel - HFPicture Record Parsing Remote Code Execution | 2010-09-16
Exploit-DB | PuTTy.exe 0.53 - Validation Remote Buffer Overflow (Metasploit) | 2006-05-15
Exploit-DB | 3Com SuperStack 3 NBX 4.0/4.1 - FTPD Denial of Service | 2002-12-02
Exploit-DB | IISPop 1.161/1.181 - Remote Buffer Overflow (Denial of Service) (PoC) | 2002-11-14

📋 Vendor Advisories (5)

Red Hat | security flaw | 2002-10-14
Cisco | Microsoft Windows SMB Denial of Service Vulnerabilities in Cisco Products - MS02-045 | 2002-09-18
Red Hat | security flaw | 2002-08-05
Red Hat | security flaw | 2002-05-02
Red Hat | security flaw | 2002-03-23

💬 Community (7)

Bugzilla | CVE-2002-1170 security flaw | 2018-08-16
Bugzilla | CVE-2002-0659 security flaw | 2018-08-16
Bugzilla | CVE-2002-0704 security flaw | 2018-08-16
Bugzilla | CVE-2002-1223 security flaw | 2018-08-16
Bugzilla | CVE-2002-0825 security flaw | 2018-08-16