Unrated severityNVD Advisory· Published Sep 2, 2002· Updated Jun 16, 2026
CVE-2002-1604
CVE-2002-1604
Description
Multiple buffer overflows in HP Tru64 UNIX allow local and possibly remote attackers to execute arbitrary code via a long NLSPATH environment variable to (1) csh, (2) dtsession, (3) dxsysinfo, (4) imapd, (5) inc, (6) uucp, (7) uux, (8) rdist, or (9) deliver.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
11cpe:2.3:o:hp:hp-ux:10.20:*:*:*:*:*:*:*+ 4 more
- cpe:2.3:o:hp:hp-ux:10.20:*:*:*:*:*:*:*
- cpe:2.3:o:hp:hp-ux:11.00:*:*:*:*:*:*:*
- cpe:2.3:o:hp:hp-ux:11.04:*:*:*:*:*:*:*
- cpe:2.3:o:hp:hp-ux:11.11:*:*:*:*:*:*:*
- cpe:2.3:o:hp:hp-ux:11.22:*:*:*:*:*:*:*
cpe:2.3:o:hp:tru64:4.0f:*:*:*:*:*:*:*+ 5 more
- cpe:2.3:o:hp:tru64:4.0f:*:*:*:*:*:*:*
- cpe:2.3:o:hp:tru64:4.0g:*:*:*:*:*:*:*
- cpe:2.3:o:hp:tru64:5.0a:*:*:*:*:*:*:*
- cpe:2.3:o:hp:tru64:5.1:*:*:*:*:*:*:*
- cpe:2.3:o:hp:tru64:5.1a:*:*:*:*:*:*:*
- (no CPE)
Patches
Vulnerability mechanics
References
15- www.blacksheepnetworks.com/security/hack/tru64/TRU64_nlspath.txtnvdExploit
- www.kb.cert.org/vuls/id/158499nvdThird Party AdvisoryUS Government Resource
- www.kb.cert.org/vuls/id/416427nvdThird Party AdvisoryUS Government Resource
- www.kb.cert.org/vuls/id/437899nvdThird Party AdvisoryUS Government Resource
- www.kb.cert.org/vuls/id/448987nvdThird Party AdvisoryUS Government Resource
- www.kb.cert.org/vuls/id/531355nvdThird Party AdvisoryUS Government Resource
- www.kb.cert.org/vuls/id/567963nvdThird Party AdvisoryUS Government Resource
- www.kb.cert.org/vuls/id/584243nvdThird Party AdvisoryUS Government Resource
- www.kb.cert.org/vuls/id/592515nvdThird Party AdvisoryUS Government Resource
- www.kb.cert.org/vuls/id/846307nvdThird Party AdvisoryUS Government Resource
- archives.neohapsis.com/archives/fulldisclosure/2002-q3/1203.htmlnvd
- wwss1pro.compaq.com/support/reference_library/viewdocument.aspnvd
- www.securityfocus.com/archive/1/290115nvd
- www.securityfocus.com/bid/5647nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/10016nvd
News mentions
0No linked articles in our index yet.