CVE-2007-2791

HP Tru64 UNIX <5.1B-4/5.1B-3 - Info Disclosure

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-2791. PoCs published by bunker.

AI-analyzed exploit summary This exploit leverages a timing attack against HP Tru64 UNIX SSH to enumerate valid users by measuring response time differences. It uses Expect to interact with SSH and telnet for banner grabbing.

Description

Unspecified vulnerability in the Secure Shell (SSH) in HP Tru64 UNIX 5.1B-4 and 5.1B-3 allows remote attackers to identify valid users via unspecified vectors, probably related to timing attacks and AuthInteractiveFailureRandomTimeout.

Exploits (1)

exploitdb WORKING POC VERIFIED
by bunker · perlremotetru64
https://www.exploit-db.com/exploits/4032

This exploit leverages a timing attack against HP Tru64 UNIX SSH to enumerate valid users by measuring response time differences. It uses Expect to interact with SSH and telnet for banner grabbing.

Classification
Working Poc 95%
Attack Type
Info Leak
Complexity
Moderate
Reliability
Reliable
Target: HP Tru64 UNIX v5.1B-3, v5.1B-4
No auth needed
Prerequisites: SSH access to target · User list for enumeration
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (7)

Core 7
Core References
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2007/1851
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id?1018065
Patch, Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/24036
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/34329
Patch vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/24021
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/36204

Scores

EPSS 0.0646
EPSS Percentile 92.9%

Details

Status published
Products (2)
hp/tru64 5.1b3
hp/tru64 5.1b4
Published May 22, 2007
Tracked Since Feb 18, 2026