CERT VU:860296
Dec 20, 2001 - 12:00 a.m.

CDE dtprintinfo contains local buffer overflow in Help window via clipboard copy

2001-12-20 00:00:00
www.kb.cert.org

CVSS2: 7.2 High

Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

EPSS: 0.0004 Low
Percentile: 5.4%

Overview

The CDE Print Viewer program _dtprintinfo_ provides a graphical interface to display the status of print queues and print jobs. By using the clipboard to overflow the search field in the Help window of dtprintinfo, a local attacker can execute arbitrary code on the system as root.

Description

There is a buffer overflow in the graphical program used to view print job status in CDE-aware desktop environments. Since dtprintinfo is commonly set to be setuid root, this defect could allow a local attacker to execute arbitrary code as root.


Impact

A user with local access can execute arbitrary code with root privileges.


Solution

Apply a patch from your vendor.

Sun patches:

108949-04: CDE 1.4: libDtHelp/libDtSvc patch
108950-04: CDE 1.4_x86: libDtHelp/libDtSvc patch

Please see other vendor statements for additional patch information.


Workaround

Disable dtprintinfo or ‘chmod -s’ the binary.
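
The workaround above as an audit-then-fix script (an added example, not part of the CERT/CC note or any vendor tooling). The search root is an assumption supplied by the operator, since the note does not give the install path, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: audit for, and apply, the 'chmod -s' workaround.
# The search root is passed in by the operator (assumption: the note
# does not state where dtprintinfo is installed on a given platform).

# Print every regular file named dtprintinfo under $1 that still
# carries the setuid or setgid bit.
find_setid_dtprintinfo() {
    find "$1" -type f -name dtprintinfo \
        \( -perm -4000 -o -perm -2000 \) -print 2>/dev/null
}

# Strip setuid/setgid from each match, logging the mode and numeric
# owner first so the change can be reverted once a vendor patch is
# installed. Returns non-zero if any match still has the bit set.
strip_setid_dtprintinfo() {
    root=$1
    find_setid_dtprintinfo "$root" | while IFS= read -r f; do
        ls -ln "$f"                      # pre-change record
        # explicit form of the note's 'chmod -s'
        chmod u-s,g-s "$f" || echo "could not change: $f" >&2
    done
    remaining=$(find_setid_dtprintinfo "$root")
    [ -z "$remaining" ]
}

# Command-line entry point: audit only, or audit and fix.
case "${1:-}" in
    --audit) find_setid_dtprintinfo "${2:?search root required}" ;;
    --fix)   strip_setid_dtprintinfo "${2:?search root required}" ;;
esac
```

Run with `--audit` first and keep the `ls -ln` output from `--fix`, so the original mode can be restored after patching if it is still wanted.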


Vendor Information


Compaq Computer Corporation Affected

Notified: March 09, 2001 Updated: April 30, 2002

Status

Affected

Vendor Statement

COMPAQ COMPUTER CORPORATION

x-reference: case id SSRT1-78U

At the time of writing this document, patches (binary kits) are in progress and final testing is expected to begin soon. Compaq will provide notice of the completion/availability of the patches through AES services (DIA, DSNlink FLASH) and be available from your normal Compaq Support channel.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23860296 Feedback>).

Hewlett Packard Affected

Updated: August 22, 2001

Status

Affected

Vendor Statement

Please see _HPSBUX0105-151: Security Vulnerabilities in CDE on HP-UX_ at

<http://www.itresourcecenter.hp.com/>

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.


IBM Affected

Notified: March 01, 2001 Updated: December 19, 2001

Status

Affected

Vendor Statement

IBM’s AIX operating system is vulnerable.

We have developed official fixes to close this vulnerability.

Customers who run AIX 4.3.x should apply APAR #IY21539.
Customers who run AIX 5.1 should apply APAR #IY20917.

See <http://techsupport.services.ibm.com/rs6k/fixdb.html> to obtain these APARs.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.


Open Group Affected

Notified: August 15, 2001 Updated: December 17, 2001

Status

Affected

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.


Sun Affected

Updated: March 05, 2001

Status

Affected

Vendor Statement

The following patches have been made available:

108949-04: CDE 1.4: libDtHelp/libDtSvc patch
108950-04: CDE 1.4_x86: libDtHelp/libDtSvc patch

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.


Cray Not Affected

Updated: December 20, 2001

Status

Not Affected

Vendor Statement

UNICOS and UNICOS/mk are not vulnerable to either of these two [issues]. For further information see Cray SPR 721061.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The other issue Cray is responding to is VU#595507.


SGI Unknown

Notified: March 01, 2001 Updated: December 17, 2001

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.


Xi Graphics Unknown

Notified: October 03, 2001 Updated: December 17, 2001

Status

Unknown

Vendor Statement

Xi Graphics is investigating this report and will provide more information when it is available.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.


Acknowledgements

The CERT/CC thanks Kevin Kotas of Ernst & Young’s eSecurityOnline for reporting this vulnerability to us and to affected vendors.

This document was written by Jeffrey S. Havrilla.

Other Information

CVE IDs: CVE-2001-0551
Severity Metric: 6.75 Date Public:
