HP-UX landiag/lanadmin Environment Variable Local Buffer Overflow Vulnerability

info
discussion
exploit
solution
references

HP-UX landiag/lanadmin Environment Variable Local Buffer Overflow Vulnerability

A buffer overflow vulnerability has been reported for two utilities shipped with HP-UX systems. The vulnerabilities exist in the landiag and lanadmin programs. The vulnerability exists due to improper bounds checking of some environment variables.