Vulnerabilities > CVE-2002-1473 - Denial-Of-Service vulnerability in HP-Ux 10.20/11.00/11.11
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Multiple buffer overflows in lp subsystem for HP-UX 10.20 through 11.11 (11i) allow local users to cause a denial of service and possibly execute arbitrary code.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| OS | 3 |
Exploit-Db
description HP-UX LPD Command Execution. CVE-2002-1473. Remote exploit for hp-ux platform id EDB-ID:16927 last seen 2016-02-02 modified 2010-10-06 published 2010-10-06 reporter metasploit source https://www.exploit-db.com/download/16927/ title HP-UX LPD Command Execution description HP-UX LPD 10.20, 11.00, 11.11 Command Execution. CVE-2002-1473. Remote exploit for hp-ux platform id EDB-ID:10034 last seen 2016-02-01 modified 2002-08-28 published 2002-08-28 reporter H D Moore source https://www.exploit-db.com/download/10034/ title HP-UX LPD 10.20 / 11.00 / 11.11 - Command Execution
Metasploit
| description | This exploit abuses an unpublished vulnerability in the HP-UX LPD service. This flaw allows an unauthenticated attacker to execute arbitrary commands with the privileges of the root user. The LPD service is only exploitable when the address of the attacking system can be resolved by the target. This vulnerability was silently patched with the buffer overflow flaws addressed in HP Security Bulletin HPSBUX0208-213. |
| id | MSF:EXPLOIT/HPUX/LPD/CLEANUP_EXEC |
| last seen | 2020-05-23 |
| modified | 2017-07-24 |
| published | 2006-01-16 |
| references | |
| reporter | Rapid7 |
| source | https://github.com/rapid7/metasploit-framework/blob/master//modules/exploits/hpux/lpd/cleanup_exec.rb |
| title | HP-UX LPD Command Execution |