CVE-2006-5557
published 2006-10-27
Priority: P4 | 24 | medium | 4.6 (CVSS 2.0)
Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P
EXPLOIT
EPSS: 1.41% (69.2th percentile)
Stack-based buffer overflow in the (1) swpackage and (2) swmodify commands in HP-UX B.11.11 and possibly other versions allows local users to execute arbitrary code via a long -S argument. NOTE: this might be a duplicate of CVE-2006-2574, but the details relating to CVE-2006-2574 are too vague to be certain.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| hp | hp-ux | — | — |
| hp | hp-ux | — | — |
| hp | hp-ux | — | — |
No detection rules found.
Exploit-DB
HP-UX 11i - 'swmodify' Local Stack Overflow / Local Privilege Escalation
exploitdb·2006-10-24
---
/* HP-UX swmodify buffer overflow exploit
* =======================================
* HP-UX 'swmodify' contains an exploitable stack overflow
* in the handling of command line arguments. Specifically the
* problem occurs due to insufficient bounds checking in the "-S"
* optional argument. 'swmodify' is installed setuid root by
* default in HP-UX and allows for local root compromise when
* exploiting this issue.
*
* Example.
* $ cc prdelka-vs-HPUX-swmodify.c -o prdelka-vs-HPUX-swmodify
* /usr/ccs/bin/ld: (Warning) At least one PA 2.0 object file
* (prdelka-vs-HPUX-swmodify.o) was detected. The linked output may
* not run on a PA 1.x system.
* $ uname -a
* HP-UX hpux B.11.11 U 9000/785 2012383315 unlimited-user l
Exploit-DB
HP-UX 11i - 'swpackage' Local Stack Overflow / Local Privilege Escalation
exploitdb·2006-10-24
---
/* HP-UX swpackage buffer overflow exploit
* =======================================
* HP-UX 'swpackage' contains an exploitable stack overflow
* in the handling of command line arguments. Specifically the
* problem occurs due to insufficient bounds checking in the "-S"
* optional argument. 'swpackage' is installed setuid root by
* default in HP-UX and allows for local root compromise when
* exploiting this issue.
*
* Example.
* $ cc prdelka-vs-HPUX-swpackage.c -o prdelka-vs-HPUX-swpackage
* /usr/ccs/bin/ld: (Warning) At least one PA 2.0 object file
* (prdelka-vs-HPUX-swpackage.o) was detected. The linked output may
* not run on a PA 1.x system.
* $ uname -a
* HP-UX hpux B.11.11 U 9000/785 2012383315 unlimited
No writeups or analysis indexed.
http://blogs.23.nu/prdelka/stories/13144/
http://osvdb.org/33993
http://osvdb.org/33994
http://www.securityfocus.com/bid/20706
http://www.securityfocus.com/bid/20735
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5035
https://www.exploit-db.com/exploits/2633
https://www.exploit-db.com/exploits/2634
Published: 2006-10-27