CVE-2007-6195

Name of the Vulnerable Software and Affected Versions HP-UX versions B.11.11 through B.11.23

Description The issue is related to a buffer overflow in the sw rpc agent init function in swagentd within Software Distributor (SD) and possibly other DCE applications. This allows remote attackers to execute arbitrary code or cause a denial of service by sending malformed arguments in an opcode 0x04 DCE RPC request.

Recommendations For HP-UX versions B.11.11 through B.11.23, consider restricting access to the swagentd service until a patch is available. As a temporary workaround, avoid using the sw rpc agent init function in swagentd to minimize the risk of exploitation.