CVE-2003-0333

Name: CVE-2003-0333
Creator: NVD / NIST
Published: 2003-05-19T04:00:00+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 0.65%

Last modified Jun 16, 2026

CVE-2003-0333 is a vulnerability of currently unknown severity. Multiple buffer overflows in kermit in HP-UX 10.20 and 11.00 (C-Kermit 6.0.192 and possibly other versions before 8.0) allow local users to gain privileges via long arguments to (1) ask, (2) askq, (3) define, (4) assign, and (5) getc, some of which may share the same underlying function "doask," a different vulnerability than CVE-2001-0085.. EPSS estimates a 0.65% chance of exploitation in the next 30 days.

Description

Multiple buffer overflows in kermit in HP-UX 10.20 and 11.00 (C-Kermit 6.0.192 and possibly other versions before 8.0) allow local users to gain privileges via long arguments to (1) ask, (2) askq, (3) define, (4) assign, and (5) getc, some of which may share the same underlying function "doask," a different vulnerability than CVE-2001-0085.

Metrics

EPSS Probability

0.65%

46.5th percentile

Probability of exploitation in the next 30 days. Learn more

Affected Software

Vendor	Product	Versions
Hp	Hp-Ux	10.20
Hp	Hp-Ux	11.00

References

http://archives.neohapsis.com/archives/hp/current/0044.html
http://marc.info/?l=bugtraq&m=105189670912220&w=2
http://marc.info/?l=bugtraq&m=105190667523456&w=2
http://www.kb.cert.org/vuls/id/971364Third Party Advisory, US Government Resource
http://www.securityfocus.com/bid/7627Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/11929
http://archives.neohapsis.com/archives/hp/current/0044.html
http://marc.info/?l=bugtraq&m=105189670912220&w=2
http://marc.info/?l=bugtraq&m=105190667523456&w=2
http://www.kb.cert.org/vuls/id/971364Third Party Advisory, US Government Resource
http://www.securityfocus.com/bid/7627Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/11929

Timeline

Published: May 19, 2003
Last Modified: Jun 16, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2003-0333?

How severe is CVE-2003-0333?

Severity scoring for CVE-2003-0333 is pending analysis. The EPSS model estimates a 0.65% probability of exploitation in the next 30 days.

How do I fix CVE-2003-0333?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2003-0333?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST