xpcd/libpcd Image Error Overflow

2004-05-22T04:44:20
ID OSVDB:6407
Type osvdb
Reporter OSVDB
Modified 2004-05-22T04:44:20

Description

Vulnerability Description

A local overflow exists in xpcd. The pcd_open function fails to validate user input resulting in a buffer overflow. With a specially crafted request, an attacker can cause arbitrary code execution resulting in a loss of integrity.

Solution Description

The author has ceased development on xpcd. Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Short Description

A local overflow exists in xpcd. The pcd_open function fails to validate user input resulting in a buffer overflow. With a specially crafted request, an attacker can cause arbitrary code execution resulting in a loss of integrity.

References:

Vendor Specific Advisory URL Vendor Specific Advisory URL Secunia Advisory ID:11750 Secunia Advisory ID:11695 Secunia Advisory ID:11690 ISS X-Force ID: 16236 CVE-2004-0402