Hewlet Packard HP-UX Portable File System Buffer Overflow Vulnerability

Hewlet Packard HP-UX Portable File System Buffer Overflow Vulnerability

HP-UX running PFS (Portable File System) is prone to a buffer-overflow vulnerability because it fails to properly bounds-check user-supplied data before copying it into an insufficiently sized memory buffer.

An attacker may exploit this issue by submitting two maliciously crafted packets to a vulnerable computer.

The attacker may exploit this issue to execute arbitrary code on an affected computer with superuser privileges. Successful exploits will result in a complete compromise of affected computers. Failed exploit attempts will likely result in denial-of-service conditions.

NOTE: This vulnerability was initially reported as a privilege-escalation issue. Newly available information shows that this issue is a buffer-overflow vulnerability. This BID has been updated to reflect the changes.