ISS Security Scanner Command Line Overflow

1998-01-01T00:00:00
ID OSVDB:3185
Type osvdb
Reporter OSVDB
Modified 1998-01-01T00:00:00

Description

Vulnerability Description

Internet Security Systems' Internet Security Scanner contains a flaw that allows a local user to gain root privileges. The flaw is due to a stack overflow that occurs when the program parses certain command-line arguments.

Solution Description

Upgrade to version 6.0 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Short Description

Internet Security Systems' Internet Security Scanner contains a flaw that allows a local user to gain root privileges. The flaw is due to a stack overflow that occurs when the program parses certain command-line arguments.

References: