PT-2006-6271 · Gnu+1 · Libc+1
Prdelka
·
Published
2006-10-27
·
Updated
2017-10-19
·
CVE-2006-5556
CVSS v2.0
4.6
Medium
| Vector | AV:L/AC:L/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions:
HP-UX versions B.11.11
Description:
A buffer overflow issue exists in the localtime r function and certain other functions in libc, allowing local users to execute arbitrary code via a long TZ environment variable.
Recommendations:
For HP-UX version B.11.11, update the libc library to a version that fixes the buffer overflow issue in the localtime r function. As a temporary workaround, consider restricting the length of the TZ environment variable to prevent exploitation.
Exploit
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Hp-Ux
Libc