HP-UX passwd Command Line Overflow

1997-01-03T00:00:00
ID OSVDB:6415
Type osvdb
Reporter OSVDB
Modified 1997-01-03T00:00:00

Description

Vulnerability Description

HP-UX passwd command contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when a command line buffer overflow occurs in the passwd utility. This flaw may lead to a loss of integrity.

Solution Description

Currently, there are no known workarounds or upgrades to correct this issue. However, HP-UX has released a series of patches to address this vulnerability.

Short Description

HP-UX passwd command contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when a command line buffer overflow occurs in the passwd utility. This flaw may lead to a loss of integrity.

References:

Other Advisory URL: ftp://ftp.auscert.org.au/pub/auscert/advisory/AA-96.13.HP-UX.passwd.vul Keyword: HPSBUX9701-045 ISS X-Force ID: 3704 Generic Informational URL: http://strc.comet.ucar.edu/mail/unix_admin/1997/1997_6.htm CVE-1999-0962