Eterm ETERMPATH Variable Local Overflow

2003-05-27T00:00:00
ID OSVDB:8157
Type osvdb
Reporter bazarr(bazarr@ziplip.com)
Modified 2003-05-27T00:00:00

Description

Vulnerability Description

A local overflow exists in Eterm. Eterm fails to validate the ETERMPATH environment variable, resulting in a buffer overflow. By setting ETERMPATH to an overly long string, a local attacker can cause a buffer overflow and gain the elevated privileges of the group "utmp" on the system, resulting in a loss of confidentiality and integrity.
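The bug class described above, shown beside a hardened form. This is an added example, not Eterm source code and not the vendor's fix; the function names, the buffer size and the fallback directory are hypothetical values chosen for illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define SEARCH_PATH_MAX 256   /* assumed buffer size, not Eterm's real value */
#define FALLBACK_DIR "/placeholder/default/themes"   /* constructed placeholder */

/* Unchecked form: an environment value is copied into a fixed buffer with no
 * length validation, so a value longer than the buffer writes past its end.
 * Shown for comparison only; it is never called below. */
void load_path_unchecked(char *dst, const char *value)
{
    strcpy(dst, value);
}

/* Hardened form: validate before copying and never truncate silently.
 * Returns 0 if the caller's value was accepted, 1 if it was missing or empty
 * (fallback used), -1 if it was oversized and rejected (fallback used). */
int load_path_checked(char *dst, size_t dstlen,
                      const char *value, const char *fallback)
{
    if (value != NULL && *value != '\0') {
        size_t len = strlen(value);
        if (len < dstlen) {                 /* leaves room for the NUL byte */
            memcpy(dst, value, len + 1);
            return 0;
        }
        snprintf(dst, dstlen, "%s", fallback);
        return -1;                          /* oversized input is an error */
    }
    snprintf(dst, dstlen, "%s", fallback);
    return 1;
}

int main(void)
{
    char path[SEARCH_PATH_MAX];
    int rc = load_path_checked(path, sizeof path,
                               getenv("ETERMPATH"), FALLBACK_DIR);

    if (rc < 0)
        fprintf(stderr, "ETERMPATH exceeds %d bytes, ignoring it\n",
                SEARCH_PATH_MAX - 1);
    printf("search path: %s\n", path);
    return 0;
}
```

A set-group-ID program should treat every environment variable as attacker-controlled input, since the invoking user chooses its contents.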

Solution Description

Upgrade to version 0.9.2-0pre2002042903.1 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

References:

Vendor Specific Advisory URL
Other Advisory URL: http://www.xatrix.org/article3496.html
Mail List Post: http://marc.theaimsgroup.com/?l=bugtraq&m=105427580626001&w=2
ISS X-Force ID: 12198
CVE-2003-0382
Bugtraq ID: 7708