Computer Security
[EN] securityvulns.ru no-pyccku


HP-UX, IBM AIX, SGI IRIX rpc.pcnfsd format string vulnerability
Published:26.05.2010
Source:
SecurityVulns ID:10864
Type:remote
Threat Level:
7/10
Description:Format string vulnerability on syslog() call.
Affected:SGI : Irix 6.5
 HP : HP-UX 11.11
 HP : HP-UX 11.23
 HP : HP-UX 11.31
 IBM : AIX 6.1
CVE:CVE-2010-1039 (Format string vulnerability in the _msgout function in rpc.pcnfsd in IBM AIX 6.1, 5.3, and earlier; IBM VIOS 2.1, 1.5, and earlier; NFS/ONCplus B.11.31_09 and earlier on HP HP-UX B.11.11, B.11.23, and B.11.31; and SGI IRIX 6.5 allows remote attackers to execute arbitrary code via an RPC request containing format string specifiers in an invalid directory name.)
Original documentdocumentCHECKPOINT, HP-UX, IBM AIX, SGI IRIX Remote Vulnerability - CVE-2010-1039 (26.05.2010)
Files:rpc.pcnfsd remote format string exploit, tested against AIX 6.1.0 and lower

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod