Lantonix Secure Console Server edituser Local Overflow

2005-08-05T09:17:25
ID OSVDB:18597
Type osvdb
Reporter c0ntex(c0ntex@open-security.org)
Modified 2005-08-05T09:17:25

Description

Vulnerability Description

A local buffer overflow exists in the "edituser" comand on Lantronix console servers. The "edituser" command fails to check its command line arguments resulting in a stack overflow. With a specially crafted argument, an attacker can gain administrative privileges resulting in a full compromise.

Solution Description

Upgrade to firmware version 4.4.1 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Short Description

A local buffer overflow exists in the "edituser" comand on Lantronix console servers. The "edituser" command fails to check its command line arguments resulting in a stack overflow. With a specially crafted argument, an attacker can gain administrative privileges resulting in a full compromise.

References:

Vendor URL: http://www.lantronix.com Secunia Advisory ID:16345 Related OSVDB ID: 18595 Related OSVDB ID: 18596 Other Advisory URL: http://open-security.org/advisories/11 Mail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2005-08/0137.html Keyword: An open security advisory #11