HP-UX 11 RWrite - Buffer Overflow

EDB-ID:

22561


Type:

dos


Platform:

HP-UX

Date:

2003-05-02


source: https://www.securityfocus.com/bid/7489/info

HP-UX rwrite utility has been reported prone to a buffer overflow vulnerability. Although unconfirmed code execution with elevated privileges may be possible.

The condition presents itself when excessive data is supplied as part of an argument passed to the vulnerable utility. Due to the lack of bounds checking, the vulnerable utility will crash.

The precise technical details of this vulnerability are currently unknown. This BID will be updated, as further information is available.

$ /usr/lbin/rwrite something `perl -e 'print "A" x 14628'` something