SkipNavigation
Home | FAQ | Contact | Privacy Policy
US-CERT
American Flag
  Vulnerability
Notes
Database

Search Vulnerability Notes

Vulnerability Notes Help Information

Report a Vulnerability

 
 View Notes By
  Name

ID Number

CVE Name

Date Public

Date Published

Date Updated

Severity Metric
 Other Documents
  Technical Alerts

Technical Bulletins

Alerts

Security Tips

Vulnerability Note VU#115731

HP Tru64 UNIX "quot" contains buffer overflow (SSRT2191)

Overview

The HP Tru64 UNIX implementation of "quot" contains a locally exploitable buffer overflow.

I. Description

"quot" is used to summarize file system ownership. A locally exploitable buffer overflow in "quot" may permit a local attacker to gain elevated privileges and execute arbitrary code on a vulnerable host.

II. Impact

A local user may be able to gain elevated privileges and execute arbitrary code.

III. Solution

Apply a patch.

Systems Affected
VendorStatusDate NotifiedDate Updated
Hewlett-Packard CompanyVulnerable9-Sep-2002

References

http://wwss1pro.compaq.com/support/reference_library/viewdocument.asp?source=SRB0039W.xml&dt=11

Credit

This vulnerability was discovered by SNOsoft.

This document was written by Ian A Finlay & Jason A. Rafail.

Other Information

Date Public:2002-05-22
Date First Published:2002-09-09
Date Last Updated:2002-09-09
CERT Advisory: 
CVE-ID(s): 
NVD-ID(s): 
US-CERT Technical Alerts: 
Severity Metric:3.75
Document Revision:8

If you have feedback, comments, or additional information about this vulnerability, please send us email.
 

 
Page Corner Image
Copyright 2002 Carnegie Mellon University
Disclaimers and copyright information
Get a PDF Reader