CVE-2003-1097

Name of the Vulnerable Software and Affected Versions HP-UX versions B.10.20 through B.11.04

Description A buffer overflow issue exists in the rexec function on HP-UX. This issue may allow local users to gain privileges when the function is setuid root, by providing a long -l option.

Recommendations For HP-UX versions B.10.20 through B.11.04, consider restricting the use of the rexec function when setuid root to minimize the risk of exploitation.