CVE-2005-2927

Stack-based buffer overflow in ppp in SCO Unixware 7.1.3 and 7.1.4, and possibly earlier versions, allows local users to execute arbitrary code via a long argument to the (1) prompt or (2) defprompt command.

CVSS v2.0 7.2 HIGH

7.2^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:L/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 3.9 / Impact : 10.0

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.41/SCOSA-2005.41.txt	Patch Vendor Advisory
http://secunia.com/advisories/17275
http://securityreason.com/securityalert/101
http://securitytracker.com/id?1015098
http://www.idefense.com/application/poi/display?type=vulnerabilities
http://www.osvdb.org/20155
http://www.securityfocus.com/bid/15159

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:sco:unixware:7.1.3:::::::*
	cpe:2.3:o:sco:unixware:7.1.4:::::::*

History

No history.

Information

Published : 2005-10-25 16:02

Updated : 2023-12-10 10:28

NVD link : CVE-2005-2927

Mitre link : CVE-2005-2927

CVE.ORG link : CVE-2005-2927

JSON object : View

Products Affected

sco

unixware

CWE

NVD-CWE-Other

7.2 /10