header-logo
Suggest Exploit
vendor:
HP-UX
by:
SecurityFocus
7.5
CVSS
HIGH
Buffer Overflow
120
CWE
Product Name: HP-UX
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: N/A
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: HP-UX
2002

HP-UX rwrite Utility Buffer Overflow Vulnerability

HP-UX rwrite utility has been reported prone to a buffer overflow vulnerability. The condition presents itself when excessive data is supplied as part of an argument passed to the vulnerable utility. Due to the lack of bounds checking, the vulnerable utility will crash.

Mitigation:

The user should ensure that the rwrite utility is not used with untrusted input.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/7489/info

HP-UX rwrite utility has been reported prone to a buffer overflow vulnerability. Although unconfirmed code execution with elevated privileges may be possible.

The condition presents itself when excessive data is supplied as part of an argument passed to the vulnerable utility. Due to the lack of bounds checking, the vulnerable utility will crash.

The precise technical details of this vulnerability are currently unknown. This BID will be updated, as further information is available.

$ /usr/lbin/rwrite something `perl -e 'print "A" x 14628'` something

Navigation

Suggest Exploit

Services By CQR