Hewlett Packard HP-UX LDCCONN Remote Buffer Overflow Vulnerability

Bugtraq ID:	25227
Class:	Boundary Condition Error
CVE:	CVE-2007-4241
Remote:	Yes
Local:	No
Published:	Aug 07 2007 12:00AM
Updated:	May 07 2015 05:36PM
Credit:	iDefense Labs discovered this issue.
Vulnerable:	HP HP-UX 11.11i
Not Vulnerable:

Hewlett Packard HP-UX LDCCONN Remote Buffer Overflow Vulnerability

HP-UX is prone to a remote buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input.

An attacker can exploit this issue to execute arbitrary code with superuser privileges. Successful attacks will completely compromise affected computers.

HP-UX 11.11i is vulnerable; other versions may also be affected.

Hewlett Packard HP-UX LDCCONN Remote Buffer Overflow Vulnerability

Currently we are not aware of any working exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

Hewlett Packard HP-UX LDCCONN Remote Buffer Overflow Vulnerability

Solution:
The vendor has stated that the affected product and version are obsolete and no longer supported. The vendor recommends upgrading to a currently supported operating system. Contact the vendor for details.

Hewlett Packard HP-UX LDCCONN Remote Buffer Overflow Vulnerability

References:

• HP-UX Homepage (HP)
  
• iDefense Security Advisory 08.07.07: Hewlett-Packard HP-UX Remote ldcconn Buffe (iDefense Labs)
  
• Hewlett-Packard HP-UX Remote ldcconn Buffer Overflow Vulnerability (iDefense Labs)