The HP Tru64 UNIX implementation of "passwd" contains a locally exploitable buffer overflow.
"passwd" is a utility used to change the password for the current user. A locally exploitable buffer overflow in "passwd" may permit a local attacker to gain elevated privileges and execute arbitrary code on a vulnerable host.
A local user may be able to gain elevated privileges and execute arbitrary code.
Apply a patch.
This vulnerability was discovered by SNOsoft.
This document was written by Ian A Finlay.
|Date First Published:||2002-09-05|
|Date Last Updated:||2002-09-05 18:05 UTC|