GBBS Pro Editor Break Privilege Esaclation

1987-01-27T00:00:00
ID OSVDB:315
Type osvdb
Reporter Mr. Memorex()
Modified 1987-01-27T00:00:00

Description

Vulnerability Description

GBBS Pro contains a flaw that may allow an authenticated user to gain elevated privielges. The issue occurs when a user launches the built in editor and holds down the TAB key, or presses the space bar followed by a CTRL-C. Either set of key sequences will force the editor to abort and leave the user with increased privileges.

Solution Description

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Short Description

GBBS Pro contains a flaw that may allow an authenticated user to gain elevated privielges. The issue occurs when a user launches the built in editor and holds down the TAB key, or presses the space bar followed by a CTRL-C. Either set of key sequences will force the editor to abort and leave the user with increased privileges.

References:

Other Advisory URL: http://www.palmcoder.net/files/Archives/hacking/bbsenter.txt Generic Informational URL: http://software.bbsdocumentary.com/APPLE/II/GBBSPRO/gladiator.txt