CVE-2003-0089

Name of the Vulnerable Software and Affected Versions Software Distributor utilities for HP-UX versions B.11.00 through B.11.11

Description A buffer overflow issue exists in the Software Distributor utilities for HP-UX, allowing local users to execute arbitrary code. This is achieved by setting a long LANG environment variable when using setuid programs such as swinstall and swmodify.

Recommendations For HP-UX versions B.11.00 through B.11.11, consider restricting access to the swinstall and swmodify programs until a patch is available. As a temporary workaround, avoid using long LANG environment variables with these programs to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.