VULHUB ™

A vulnerability exists in the handling of user inputted data in the ftp daemon included by Hewlett-Packard as part of its HPUX operating system. By passing format strings as the argument to the PASS ftp command, it is possible to overwrite values on the stack. Additionally, by passing the proper arguments, it is possible to conduct an attack similar to a traditional buffer overflow.

A vulnerability exists in the handling of user inputted data in the ftp daemon included by Hewlett-Packard as part of its HPUX operating system. By passing format strings as the argument to the PASS ftp command, it is possible to overwrite values on the stack. Additionally, by passing the proper arguments, it is possible to conduct an attack similar to a traditional buffer overflow.