Overview
The HP Tru64 UNIX implementation of "ipcs" contains a locally exploitable buffer overflow.
Description
"ipcs" is used to report inter-process communication status. A locally exploitable buffer overflow in "ipcs" may permit a local attacker to gain elevated privileges and execute arbitrary code on a vulnerable host. |
Impact
A local user may be able to gain elevated privileges and execute arbitrary code. |
Solution
Apply a patch. |
Vendor Information
771155
CVSS Metrics
| Group | Score | Vector |
|---|---|---|
| Base | ||
| Temporal | ||
| Environmental |
References
- http://www.securityfocus.com/bid/5241
- http://www.nipc.gov/cybernotes/2002/cyberissue2002-15.htm
- http://www.its.monash.edu.au/security/auscert/2002-07/msg00039.html
- http://wwss1pro.compaq.com/support/reference_library/viewdocument.asp?source=SRB0039W.xml&dt=11
- http://www.iss.net/security_center/static/9613.php
Acknowledgements
This document was written by Ian A Finlay.
Other Information
| CVE IDs: | CVE-2002-0093 |
| Severity Metric: | 3.75 |
| Date Public: | 2002-07-19 |
| Date First Published: | 2002-09-09 |
| Date Last Updated: | 2002-09-09 13:53 UTC |
| Document Revision: | 11 |