CVE-2002-1689 : Unknown vulnerability in the login program on AIX before 4.0 could allow remote users to specify 100 or more environment

Unknown vulnerability in the login program on AIX before 4.0 could allow remote users to specify 100 or more environment variables when logging on, which exceeds the length of a certain string, possibly triggering a buffer overflow.

Published 2002-12-31 05:00:00

Updated 2008-09-05 20:31:16

Source MITRE

View at NVD, CVE.org

Vulnerability category: Overflow

Exploit prediction scoring system (EPSS) score for CVE-2002-1689

Probability of exploitation activity in the next 30 days: 0.31%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 69 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2002-1689

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
10.0	HIGH	AV:N/AC:L/Au:N/C:C/I:C/A:C	10.0	10.0	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete

References for CVE-2002-1689

http://archives.neohapsis.com/archives/aix/2002-q1/0005.html

CVEs referencing this url

Products affected by CVE-2002-1689

IBM » AIX » Version: 3.2.5
cpe:2.3:o:ibm:aix:3.2.5:*:*:*:*:*:*:*
Matching versions

Vulnerability Details : CVE-2002-1689

Exploit prediction scoring system (EPSS) score for CVE-2002-1689

CVSS scores for CVE-2002-1689

References for CVE-2002-1689

Products affected by CVE-2002-1689