Phase:Buffer overflow in the Software Distributor utilities for HP-UX B.11.00 and B.11.11 allows local users to execute arbitrary code via a long LANG environment variable to setuid programs such as (1) swinstall and (2) swmodify.
ReferencesBUGTRAQ:Thursday, November 13, 2003 NSFOCUS SA2003-07: HP-UX Software Distributor Buffer Overflow Vulnerability | URL:http://marc.theaimsgroup.com/?l=bugtraq&m=106873965001431&w=2 | VULNWATCH:Thursday, November 13, 2003 NSFOCUS SA2003-07: HP-UX Software Distributor Buffer Overflow Vul
Votes:Assigned (Tuesday, February 11, 2003)
Comments:None (candidate not yet proposed)
F7: