Vulnerability Details : CVE-2003-1097
Potential exploit
Buffer overflow in rexec on HP-UX B.10.20, B.11.00, and B.11.04, when setuid root, may allow local users to gain privileges via a long -l option.
Vulnerability category: Overflow
Products affected by CVE-2003-1097
- cpe:2.3:o:hp:hp-ux:11.00:*:*:*:*:*:*:*
- cpe:2.3:o:hp:hp-ux:10.34:*:*:*:*:*:*:*
- cpe:2.3:o:hp:hp-ux:10.20:*:*:*:*:*:*:*
- cpe:2.3:o:hp:hp-ux:10.10:*:*:*:*:*:*:*
- cpe:2.3:o:hp:hp-ux:10.16:*:*:*:*:*:*:*
- cpe:2.3:o:hp:hp-ux:10.24:*:*:*:*:*:*:*
- cpe:2.3:o:hp:hp-ux:10.30:*:*:*:*:*:*:*
- cpe:2.3:o:hp:hp-ux:11.11:*:*:*:*:*:*:*
- cpe:2.3:o:hp:hp-ux:10.26:*:*:*:*:*:*:*
- cpe:2.3:o:hp:hp-ux:11.04:*:*:*:*:*:*:*
- cpe:2.3:o:hp:hp-ux:11.20:*:*:*:*:*:*:*
- cpe:2.3:o:hp:hp-ux:11.22:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2003-1097
0.37%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 57 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2003-1097
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
7.2
|
HIGH | AV:L/AC:L/Au:N/C:C/I:C/A:C |
3.9
|
10.0
|
NIST |
References for CVE-2003-1097
-
http://archives.neohapsis.com/archives/bugtraq/2003-04/0374.html
Exploit
-
http://www.ciac.org/ciac/bulletins/n-088.shtml
Patch
-
http://www.kb.cert.org/vuls/id/CRDY-5MJKM4
Patch;Third Party Advisory;US Government Resource
-
http://www.securityfocus.com/bid/7459
Exploit;Patch
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/11890
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5611
-
http://www.kb.cert.org/vuls/id/322540
Third Party Advisory;US Government Resource
Jump to