IRIX ordist Local Overflow

1997-07-01T00:00:00
ID OSVDB:8426
Type osvdb
Reporter OSVDB
Modified 1997-07-01T00:00:00

Description

Vulnerability Description

A local overflow exists in SGI IRIX. The ordist program fails to perform proper bounds checking resulting in a buffer overflow. With a specially crafted request, a malicious user can cause arbitrary commands execution with root privileges resulting in a loss of integrity.

Solution Description

Currently, there are no known workarounds or upgrades to correct this issue. However, SGI has released a patch to address this vulnerability.

Short Description

A local overflow exists in SGI IRIX. The ordist program fails to perform proper bounds checking resulting in a buffer overflow. With a specially crafted request, a malicious user can cause arbitrary commands execution with root privileges resulting in a loss of integrity.

References:

Vendor URL: http://www.sgi.com/ Vendor Specific Solution URL: ftp://patches.sgi.com/support/free/security/advisories/19970509-02-PX Keyword: 19970509-02-PX ISS X-Force ID: 444 CVE-1999-0029 CERT: CA-1997-21 Bugtraq ID: 415