su-wrapper First Argument Local Overflow

2001-06-06T00:00:00
ID OSVDB:8235
Type osvdb
Reporter Dex (dexgod@softhome.net)
Modified 2001-06-06T00:00:00

Description

Vulnerability Description

A local overflow exists in the suid wrapper (su-wrapper). The su-wrapper fails to perform proper memory control, which can allow a specially crafted request using a string of 1032 characters or more as the first argument to induce a buffer overflow, resulting in a loss of integrity and the execution of arbitrary code on the system with root privileges.

Solution Description

Upgrade to su-wrapper version 1.1.1 or higher, as it has been reported to fix this vulnerability. An unsupported fix has been provided by Guy Tsafnat. This patch is not vendor-supported.
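
The kind of length check that prevents this class of overflow, as an added example (it is not su-wrapper's code and not the Guy Tsafnat patch): a setuid program copies its first argument only after confirming it fits the destination buffer. `ARG_BUF_SIZE`, `copy_first_arg` and `try_arg_of_length` are hypothetical names, and the 1024-byte buffer size is an assumption; this entry gives only the 1032-character trigger length.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Assumed size for illustration; the entry does not state the real buffer size. */
#define ARG_BUF_SIZE 1024

/* Copy arg into dst only if it fits together with its terminator.
 * Returns 0 on success, -1 if arg is missing, empty, or too long.
 * An unbounded strcpy(dst, arg) here is the pattern that overflows. */
int copy_first_arg(char *dst, size_t dst_size, const char *arg)
{
    if (dst == NULL || dst_size == 0 || arg == NULL)
        return -1;
    /* Look for the terminator within dst_size bytes; never scan further. */
    const char *nul = memchr(arg, '\0', dst_size);
    if (nul == NULL || nul == arg)
        return -1;
    memcpy(dst, arg, (size_t)(nul - arg) + 1);
    return 0;
}

/* Constructed input: a string of n filler characters, run through the check. */
int try_arg_of_length(size_t n)
{
    char buf[ARG_BUF_SIZE];
    char *arg = malloc(n + 1);
    if (arg == NULL)
        return -2;
    memset(arg, 'A', n);
    arg[n] = '\0';
    int rc = copy_first_arg(buf, sizeof buf, arg);
    if (rc == 0 && strlen(buf) != n)
        rc = -3; /* copy succeeded but was not faithful */
    free(arg);
    return rc;
}

int main(int argc, char **argv)
{
    char buf[ARG_BUF_SIZE];
    /* Reject before any privileged work is done with the argument. */
    if (argc < 2 || copy_first_arg(buf, sizeof buf, argv[1]) != 0) {
        fprintf(stderr, "usage: wrapper <name> (1..%d characters)\n", ARG_BUF_SIZE - 1);
        return EXIT_FAILURE;
    }
    printf("accepted argument of %zu characters\n", strlen(buf));
    return EXIT_SUCCESS;
}
```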

References:

Other Solution URL: http://www.securityfocus.com/data/vulnerabilities/patches/su-wrapper.c
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2001-06/0057.html
ISS X-Force ID: 6675
CVE-2001-0762
Bugtraq ID: 2837