Vulnerability Description
Multiple buffer overflows in kermit in HP-UX 10.20 and 11.00 (C-Kermit 6.0.192 and possibly other versions before 8.0) allow local users to gain privileges via long arguments to (1) ask, (2) askq, (3) define, (4) assign, and (5) getc, some of which may share the same underlying function "doask," a different vulnerability than CVE-2001-0085.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Hp | Hp-Ux | 10.20 |
References
- http://archives.neohapsis.com/archives/hp/current/0044.html
- http://marc.info/?l=bugtraq&m=105189670912220&w=2
- http://marc.info/?l=bugtraq&m=105190667523456&w=2
- http://www.kb.cert.org/vuls/id/971364Third Party AdvisoryUS Government Resource
- http://www.securityfocus.com/bid/7627Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/11929
- http://archives.neohapsis.com/archives/hp/current/0044.html
- http://marc.info/?l=bugtraq&m=105189670912220&w=2
- http://marc.info/?l=bugtraq&m=105190667523456&w=2
- http://www.kb.cert.org/vuls/id/971364Third Party AdvisoryUS Government Resource
- http://www.securityfocus.com/bid/7627Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/11929
FAQ
What is CVE-2003-0333?
CVE-2003-0333 is a vulnerability with a CVSS score of 7.2 (HIGH). Multiple buffer overflows in kermit in HP-UX 10.20 and 11.00 (C-Kermit 6.0.192 and possibly other versions before 8.0) allow local users to gain privileges via long arguments to (1) ask, (2) askq, (3)...
How severe is CVE-2003-0333?
CVE-2003-0333 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2003-0333?
Check the references section above for vendor advisories and patch information. Affected products include: Hp Hp-Ux.