module
HP-UX LPD Command Execution
| Disclosed | Created |
|---|---|
| Aug 28, 2002 | May 30, 2018 |
Disclosed
Aug 28, 2002
Created
May 30, 2018
Description
This exploit abuses an unpublished vulnerability in the
HP-UX LPD service. This flaw allows an unauthenticated
attacker to execute arbitrary commands with the privileges
of the root user. The LPD service is only exploitable when
the address of the attacking system can be resolved by the
target. This vulnerability was silently patched with the
buffer overflow flaws addressed in HP Security Bulletin
HPSBUX0208-213.
HP-UX LPD service. This flaw allows an unauthenticated
attacker to execute arbitrary commands with the privileges
of the root user. The LPD service is only exploitable when
the address of the attacking system can be resolved by the
target. This vulnerability was silently patched with the
buffer overflow flaws addressed in HP Security Bulletin
HPSBUX0208-213.
Author
Platform
HPUX,Unix
Architectures
cmd
References
Module Options
To display the available options, load the module within the Metasploit console and run the commands 'show options' or 'show advanced':
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.