SCO Open Server 5.0.6 - lpforms Buffer Overflow

2001-03-27T00:00:00
ID EXPLOITPACK:52E15ED85D72D9EFD7A118D1C5D41BBE
Type exploitpack
Reporter Secure Network Operations
Modified 2001-03-27T00:00:00

Description

SCO Open Server 5.0.6 - lpforms Buffer Overflow

                                        
                                            source: https://www.securityfocus.com/bid/2554/info

SCO OpenServer 5.0.6 (and possibly earlier versions) ships with several suid bin executables used in printer administration and related tasks.

This includes lpforms, a component used to manage and configure print destinations, devices and printer interface programs.

'lpforms' contains a locally exploitable buffer overflow vulnerability. If a command line parameter argument is of excessive length, a stack overflow condition will occur.

An attacker may exploit this vulnerability execute arbitrary code with effective user 'bin' privileges. 

/opt/K/SCO/Unix/5.0.6Ga/usr/lib/lpforms `perl -e 'print "A" x 7000'`

Memory fault - core dumped