CVE-2003-0333 : Multiple buffer overflows in kermit in HP-UX 10.20 and 11.00 (C-Kermit 6.0.192 and possibly other versions before 8.0) a

Multiple buffer overflows in kermit in HP-UX 10.20 and 11.00 (C-Kermit 6.0.192 and possibly other versions before 8.0) allow local users to gain privileges via long arguments to (1) ask, (2) askq, (3) define, (4) assign, and (5) getc, some of which may share the same underlying function "doask," a different vulnerability than CVE-2001-0085.

Published 2003-05-19 04:00:00

Updated 2017-07-11 01:29:31

Source MITRE

View at NVD, CVE.org

Exploit prediction scoring system (EPSS) score for CVE-2003-0333

Probability of exploitation activity in the next 30 days: 0.10%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 39 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2003-0333

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
7.2	HIGH	AV:L/AC:L/Au:N/C:C/I:C/A:C	3.9	10.0	NIST
Access Vector: Local Access Complexity: Low Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete

References for CVE-2003-0333

https://exchange.xforce.ibmcloud.com/vulnerabilities/11929
http://marc.info/?l=bugtraq&m=105189670912220&w=2
http://www.kb.cert.org/vuls/id/971364

Third Party Advisory;US Government Resource
http://www.securityfocus.com/bid/7627

Vendor Advisory
http://marc.info/?l=bugtraq&m=105190667523456&w=2

Products affected by CVE-2003-0333

HP » Hp-ux » Version: 11.00
cpe:2.3:o:hp:hp-ux:11.00:*:*:*:*:*:*:*
Matching versions
HP » Hp-ux » Version: 10.20
cpe:2.3:o:hp:hp-ux:10.20:*:*:*:*:*:*:*
Matching versions

Vulnerability Details : CVE-2003-0333

Exploit prediction scoring system (EPSS) score for CVE-2003-0333

CVSS scores for CVE-2003-0333

References for CVE-2003-0333

Products affected by CVE-2003-0333