Vulnerability Description
Buffer overflow in login in various System V based operating systems allows remote attackers to execute arbitrary commands via a large number of arguments through services such as telnet and rlogin.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Sgi | Irix | 3.2 |
| Hp | Hp-Ux | 10.00 |
| Ibm | Aix | 4.3 |
| Sco | Openserver | 5.0 |
| Sun | Solaris | 2.4 |
| Sun | Sunos | - |
References
- ftp://patches.sgi.com/support/free/security/advisories/20011201-01-I
- ftp://stage.caldera.com/pub/security/openserver/CSSA-2001-SCO.40/CSSA-2001-SCO.4
- http://marc.info/?l=bugtraq&m=100844757228307&w=2
- http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/213
- http://www-1.ibm.com/support/search.wss?rs=0&q=IY26221&apar=only
- http://www.cert.org/advisories/CA-2001-34.htmlPatchThird Party AdvisoryUS Government Resource
- http://www.kb.cert.org/vuls/id/569272US Government Resource
- http://www.securityfocus.com/archive/1/246487Vendor Advisory
- http://www.securityfocus.com/bid/3681ExploitPatchVendor Advisory
- http://xforce.iss.net/alerts/advise105.phpPatchVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/7284
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3
- ftp://patches.sgi.com/support/free/security/advisories/20011201-01-I
- ftp://stage.caldera.com/pub/security/openserver/CSSA-2001-SCO.40/CSSA-2001-SCO.4
- http://marc.info/?l=bugtraq&m=100844757228307&w=2
FAQ
What is CVE-2001-0797?
CVE-2001-0797 is a vulnerability with a CVSS score of 10.0 (HIGH). Buffer overflow in login in various System V based operating systems allows remote attackers to execute arbitrary commands via a large number of arguments through services such as telnet and rlogin.
How severe is CVE-2001-0797?
CVE-2001-0797 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2001-0797?
Check the references section above for vendor advisories and patch information. Affected products include: Sgi Irix, Hp Hp-Ux, Ibm Aix, Sco Openserver, Sun Solaris.