New Search

HP-UX Running ONCplus rpc.pcnfsd Remote Denial of Service (DoS) Increase in Privilege

oval:org.mitre.oval:def:11986

Format string vulnerability in the _msgout function in rpc.pcnfsd in IBM AIX 6.1 5.3 and earlier; IBM VIOS 2.1 1.5 and earlier; NFS/ONCplus B.11.31_09 and earlier on HP HP-UX B.11.11 B.11.23 and B.11.31; and SGI IRIX 6.5 allows remote attackers to execute arbitrary code via an RPC request containing format string specifiers in an invalid directory name.

Family:
unix
Status:
ACCEPTED
Platform(s):
  • HP-UX 11
Class:
vulnerability
Reference(s):
  • CVE-2010-1039
Product(s):