CVE-2002-1605 Information

Description

Buffer overflow in HP Tru64 UNIX 5.1a 5.1 5.0a 4.0g and 4.0f allows attackers to execute arbitrary code via a long _XKB_CHARSET environment variable to (1) dxpause (2) dxconsole or (3) dtsession.

Reference

http://archives.neohapsis.com/archives/fulldisclosure/2002-q3/1203.html http://wwss1pro.compaq.com/support/reference_library/viewdocument.asp?source=SRB0039W.xml&dt=11 http://www.blacksheepnetworks.com/security/hack/tru64/TRU64_xkb.txt http://www.kb.cert.org/vuls/id/569987 http://www.kb.cert.org/vuls/id/584243 http://www.kb.cert.org/vuls/id/693803 http://www.securityfocus.com/archive/1/290115 https://exchange.xforce.ibmcloud.com/vulnerabilities/10016