Security Bug in Legacy Unix HP-UX
A security bug has been discovered in Hewlett Packard's HP-UX Unix version; there are no plans to remove it.
Security researchers iDefense disclosed that attackers can exploit a buffer overflow bug in the "ldcconn" module to execute arbitrary code. The module is part of the "HP Controller for Cisco Local Director" configuration tool and runs on TCP port 17781 via "inetd". An attacker can provoke a buffer overflow by sending an overly long command string to this port.
The bug affects HP-UX Version 11.x systems sold after the year 2000. According to HP there are no plans to remove the bug as the HP controller is no longer maintained. Administrators are advised to use other configuration tools or migrate to a more recent system.
Issue 210/2018
Buy this issue as a PDF
News
-
Red Hat Enterprise Linux 7.5 Released
The latest release is focused on hybrid cloud.
-
Microsoft Releases a Linux-Based OS
The company is building a new IoT environment powered by Linux.
-
Solomon Hykes Leaves Docker
In a surprise move, Solomon Hykes, the creator of Docker has left the company.
-
Red Hat Celebrates 25th Anniversary with a New Code Portal
The company announces a GitHub page with links to source code for all its projects
-
Gnome 3.28 Released
The latest GNOME rolls out with better contact management and new features for handling virtual machines.
-
Install Firefox in a Snap on Linux
Mozilla has picked the Snap package system to deliver its application to Linux users.
-
OpenStack Queens Released
The new release comes with new features for mission critical workloads.
-
Kali Linux Comes to Windows
The Kali Linux developers even managed to run full blown XFCE desktop via WSL.
-
Ubuntu to Start Collecting Some Data with Ubuntu 18.04
It will be an ‘opt-out’ feature.
-
CNCF Illuminates Serverless Vision
The Cloud Native Computing Foundation announces a paper describing their model for a serverless ecosystem.