CVE-2004-0716 — Improper Restriction of Operations within the Bounds of a Memory Buffer in HP Hp-ux

3 documents3 sources

Severity

10.0CRITICALNVD

EPSS

5.5%

top 9.80%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

HP Hp-ux

Timeline

PublishedAug 6

Latest updateApr 29

Description

Buffer overflow in the DCE daemon (DCED) for the DCE endpoint mapper (epmap) on HP-UX 11 allows remote attackers to execute arbitrary code via a request with a small fragment length and a large amount of data.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

▶NVDhp/hp-ux11

Patches

Patch: support.entegrity.com ↗Patch: support.entegrity.com ↗

🔴Vulnerability Details

GHSA

GHSA-fcqf-rh65-9268: Buffer overflow in the DCE daemon (DCED) for the DCE endpoint mapper (epmap) on HP-UX 11 allows remote attackers to execute arbitrary code via a reque↗2022-04-29

▶

CVEList

CVE-2004-0716: Buffer overflow in the DCE daemon (DCED) for the DCE endpoint mapper (epmap) on HP-UX 11 allows remote attackers to execute arbitrary code via a reque↗2004-07-27

▶