Security Bug in Legacy Unix HP-UX
A security bug has been discovered in Hewlett Packard's HP-UX Unix version; there are no plans to remove it.
Security researchers iDefense disclosed that attackers can exploit a buffer overflow bug in the "ldcconn" module to execute arbitrary code. The module is part of the "HP Controller for Cisco Local Director" configuration tool and runs on TCP port 17781 via "inetd". An attacker can provoke a buffer overflow by sending an overly long command string to this port.
The bug affects HP-UX Version 11.x systems sold after the year 2000. According to HP there are no plans to remove the bug as the HP controller is no longer maintained. Administrators are advised to use other configuration tools or migrate to a more recent system.
Issue 29: Linux Shell Handbook 8th Ed./Special Editions
Buy this issue as a PDF
News
-
Linus Torvalds Talks About His Motivation
He never tires of working on the Linux kernel.
-
Debian 9 Stretches its Wings
The new release of Debian has a very strong focus on security.
-
Trojan Turns Raspberry Pi into a Cryptocurrency Mining Device
Two trojans in the wild are targeting Linux machines.
-
Fedora 26 Beta Comes with New Features
The workstation comes with the latest Gnome desktop environment and support for many application build systems.
-
Raspberry Pi Foundation Merges with CoderDojo Foundation
The two foundations join forces to expand their efforts to reach young people.
-
Samba Security Hole Patched but Risk is Bigger
Millions of devices that use Samba Server are vulnerable to attacks.
-
Red Hat Announces OpenShift.io
Red Hat takes its IDE online.
-
Microsoft Bakes Linux into Windows Server
Microsoft is slowly becoming a Linux vendor.
-
Fearless Coyote, Linux Kernel 4.11 is Out
The new kernel makes swap implementation more scalable, which will help cloud providers.
-
Docker Appoints Steve Singh CEO
The new CEO comes from a very strong SaaS background.