CVE-2002-0991 : Buffer overflows in the cifslogin command for HP CIFS/9000 Client A.01.06 and ea

Buffer overflows in the cifslogin command for HP CIFS/9000 Client A.01.06 and earlier, based on the Sharity package, allows local users to gain root privileges via long (1) -U, (2) -D, (3) -P, (4) -S, (5) -N, or (6) -u parameters.

Published 2002-10-04 04:00:00

Updated 2008-09-05 20:29:29

Source MITRE

View at NVD, CVE.org

Products affected by CVE-2002-0991

HP » Cifs-9000 Server » Version: A.01.05
cpe:2.3:a:hp:cifs-9000_server:a.01.05:*:*:*:*:*:*:*
Matching versions
HP » Cifs-9000 Server » Version: A.01.06
cpe:2.3:a:hp:cifs-9000_server:a.01.06:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2002-0991

EPSS FAQ

0.82%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 73 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2002-0991

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
7.2	HIGH	AV:L/AC:L/Au:N/C:C/I:C/A:C	3.9	10.0	NIST
Access Vector: Local Access Complexity: Low Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete

References for CVE-2002-0991

http://www.iss.net/security_center/static/9431.php

Patch;Vendor Advisory
http://archives.neohapsis.com/archives/hp/2002-q3/0016.html
http://www.securityfocus.com/bid/5088

Patch;Vendor Advisory
http://archives.neohapsis.com/archives/bugtraq/2002-06/0300.html

Jump to

Vulnerability Details : CVE-2002-0991

Products affected by CVE-2002-0991

Exploit prediction scoring system (EPSS) score for CVE-2002-0991

CVSS scores for CVE-2002-0991

References for CVE-2002-0991