FreeBSD libc setlocale() PATH_LOCALE Variable Overflow

1997-02-05T00:00:00
ID OSVDB:6086
Type osvdb
Reporter OSVDB
Modified 1997-02-05T00:00:00

Description

Vulnerability Description

A local overflow exists in FreeBSD. The setlocale() function fails to check bounds of the PATH_LOCALE environment variable resulting in a stack overflow. With a specially crafted request, an attacker can gain root privileges resulting in a loss of integrity.

Solution Description

Currently, there are no known workarounds or upgrades to correct this issue. However, FreeBSD has released a patch to address this vulnerability.

Short Description

A local overflow exists in FreeBSD. The setlocale() function fails to check bounds of the PATH_LOCALE environment variable resulting in a stack overflow. With a specially crafted request, an attacker can gain root privileges resulting in a loss of integrity.

References:

Vendor URL: http://www.freebsd.org Vendor Specific Advisory URL ISS X-Force ID: 3829 CVE-1999-0964