← back
CVE-2005-3277

CVE-2005-3277

EPSS 18.9%
The LPD service in HP-UX 10.20 11.11 (11i) and earlier allows remote attackers to execute arbitrary code via shell metacharacters ("`" or single backquote) in a request that is not properly handled when an error occurs, as demonstrated by killing the connection, a different vulnerability than CVE-2002-1473.
Affected products
n/a · n/a
public PoCs found1
exploitdbwww.exploit-db.com/exploits/1261unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://archives.neohapsis.com/archives/hp/2002-q3/0064.htmlhttp://www.frsirt.com/exploits/20051019.hpux_lpd_exec.pm.phphttp://www.securityfocus.com/bid/15136