[原文]Buffer overflow in HP Radia Notify Daemon 18.104.22.168 (formerly by Novadigm), and other versions including 2.x, 3.x, and 4.x, allows remote attackers to execute arbitrary code via a long file extension.
HP Radia Notify Daemon Malformed File Extension Remote Overflow
Remote / Network Access
Loss of Integrity
A remote overflow exists in Radia Notify Daemon. The program fails to validate long filename extensions resulting in a buffer overflow. With a specially crafted request, an attacker can cause arbitrary code execution resulting in a loss of integrity.
Currently, there are no known workarounds or upgrades to correct this issue. However, Hewlett-Packard has released a patch to address this vulnerability.