Solaris OpenWindows sdtcm_convert Overflow

1997-02-21T00:00:00
ID OSVDB:11492
Type osvdb
Reporter OSVDB
Modified 1997-02-21T00:00:00

Description

Vulnerability Description

A local overflow exists in the sdtcm_convert program used with OpenWindows. sdtcm_convert fails to correctly check incoming data, resulting in a buffer overflow. With a specially crafted request, an attacker can gain root access, resulting in a loss of integrity.

Solution Description

Currently, there are no known workarounds or upgrades to correct this issue. However, Sun Microsystems has released a patch to address this vulnerability.

References:

Vendor Specific Advisory URL
ISS X-Force ID: 1729
CVE-1999-0369
Bugtraq ID: 166