CVE Vulnerability

CVE-2007-6195

Buffer overflow in the sw_rpc_agent_init function in swagentd in Software Distributor (SD), and possibly other DCE applications, in HP HP-UX B.11.11 and B.11.23 allows remote attackers to execute arbitrary code or cause a denial of service via malformed arguments in an opcode 0x04 DCE RPC request.

10 /10

CVSS v2.0 :

V3 Legend

Vector :

Exploitability : 10 / Impact : 10

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

Scope

References
Link Resource
http://www.zerodayinitiative.com/advisories/ZDI-07-079.html
http://www.securityfocus.com/bid/26855 Patch
http://www.securitytracker.com/id?1019098
http://secunia.com/advisories/28087 Vendor Advisory
http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01294212-1
http://www.vupen.com/english/advisories/2007/4220 Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/39018
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5710
http://www.securityfocus.com/archive/1/485260/100/0/threaded
Configurations

Configuration 1

cpe:2.3:o:hp:hp-ux:11.11:*:*:*:*:*:*:*
cpe:2.3:o:hp:hp-ux:11.23:*:*:*:*:*:*:*
Information

Published : 2007-12-15 01:46

Updated : 2018-10-15 09:50

NVD link : CVE-2007-6195

Mitre link : CVE-2007-6195

Products Affected
No products.
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer