SCO OpenServer disable Local Overflow

2001-04-13T00:00:00
ID OSVDB:7660
Type osvdb
Reporter OSVDB
Modified 2001-04-13T00:00:00

Description

Vulnerability Description

A local overflow exists in OpenServer. The disable command fails to validate user-supplied input, resulting in a buffer overflow. With a specially crafted request consisting of a long character string, an attacker can cause arbitrary code execution, resulting in a loss of integrity.

Solution Description

Currently, there are no known workarounds or upgrades to correct this issue. However, SCO has released a patch to address this vulnerability.

References:

Vendor Specific Advisory URL
ISS X-Force ID: 6407
Bugtraq ID: 2585