TippingPoint Zero Day Initiative

 

Hewlett-Packard HP-UX swagentd Buffer Overflow Vulnerability

ZDI-07-079: December 17th, 2007

CVE ID

CVE-2007-6195

Affected Vendors

Hewlett-Packard

Affected Products

HP-UX

Vulnerability Details

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard HP-UX operating system. Authentication is not required to exploit this vulnerability.

The specific flaw exists within the function sw_rpc_agent_init (opcode 0x04) defined in swagentd. Specific malformed arguments can cause function pointers to be overwritten and thereby result in arbitrary code execution.

Vendor Response

Hewlett-Packard states:

Hewlett-Packard has issued an update to correct this vulnerability. More details can be found in HP document ID #SB2294r1.

Disclosure Timeline

2007-07-20 - Vulnerability reported to vendor
2007-12-17 - Coordinated public release of advisory

Credit

This vulnerability was discovered by:

Tenable Network Security

Published Advisories

ZDI-08-062: Apple

• published 2008-09-09

ZDI-08-061: Apple

• published 2008-09-09

ZDI-08-060: Apple

• published 2008-09-09

ZDI-08-059: Apple

• published 2008-09-09

ZDI-08-058: Apple

• published 2008-09-09

Upcoming Advisories

Microsoft

• reported 2008-09-23, 0 days ago

Mozilla Firefox

• reported 2008-09-23, 0 days ago

Microsoft

• reported 2008-09-23, 0 days ago

Microsoft

• reported 2008-09-16, 7 days ago

Apple

• reported 2008-09-16, 7 days ago

Recent Press

Apple issues major patch updates for QuickTime

• published 2008-09-10, ComputerWorld

Where on earth are these Microsoft patches?

• published 2008-08-14, ZDNet

Apple releases new Mac OS X 10.5.5

• published 2008-07-31, ITWire

High-priority patch fixes critical vulns in RealPlayer

• published 2008-07-25, The Register

Firefox 3.0.1 Fixes 'Carpet Bombing' Issue

• published 2008-07-17, SlashDot