IRIX scheme Local Overflow

1997-07-01T00:00:00
ID OSVDB:8425
Type osvdb
Reporter OSVDB
Modified 1997-07-01T00:00:00

Description

Vulnerability Description

A local overflow exists in SGI IRIX. The scheme program fails to perform proper bounds checking resulting in a buffer overflow. With a specially crafted request, a malicious user can cause arbitrary commands execution with root privileges resulting in a loss of integrity.

Solution Description

Currently, there are no known workarounds or upgrades to correct this issue. However, SGI has released a patch to address this vulnerability.

Short Description

A local overflow exists in SGI IRIX. The scheme program fails to perform proper bounds checking resulting in a buffer overflow. With a specially crafted request, a malicious user can cause arbitrary commands execution with root privileges resulting in a loss of integrity.

References:

Vendor URL: http://www.sgi.com/ Vendor Specific Advisory URL Keyword: 19970508-02-PX ISS X-Force ID: 443 CVE-1999-0028 CIAC Advisory: h-106 CERT: CA-1997-21