module
HP-UX LPD Command Execution
| Disclosed | Created |
|---|---|
| 08/28/2002 | 05/30/2018 |
Disclosed
08/28/2002
Created
05/30/2018
Description
This exploit abuses an unpublished vulnerability in the
HP-UX LPD service. This flaw allows an unauthenticated
attacker to execute arbitrary commands with the privileges
of the root user. The LPD service is only exploitable when
the address of the attacking system can be resolved by the
target. This vulnerability was silently patched with the
buffer overflow flaws addressed in HP Security Bulletin
HPSBUX0208-213.
HP-UX LPD service. This flaw allows an unauthenticated
attacker to execute arbitrary commands with the privileges
of the root user. The LPD service is only exploitable when
the address of the attacking system can be resolved by the
target. This vulnerability was silently patched with the
buffer overflow flaws addressed in HP Security Bulletin
HPSBUX0208-213.
Author
hdm
Platform
HPUX,Unix
Architectures
cmd
References
Module Options
To display the available options, load the module within the Metasploit console and run the commands ‘show options’ or ‘show advanced’:
msf > use exploit/hpux/lpd/cleanup_exec
msf /(c) > show actions
...actions...
msf /(c) > set ACTION < action-name >
msf /(c) > show options
...show and set options...
msf /(c) > run
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.