SCO OpenServer auditsh TERM Variable Local Overflow

2001-10-11T00:00:00
ID OSVDB:8837
Type osvdb
Reporter KF(dotslash@snosoft.com)
Modified 2001-10-11T00:00:00

Description

Vulnerability Description

A local overflow exists in SCO OpenServer. The 'auditsh' program fails to validate the length of input to the TERM environment variable resulting in a buffer overflow. With a specially crafted request, an attacker can cause an escalation of privileges resulting in a loss of integrity.

Solution Description

Currently, there are no known workarounds or upgrades to correct this issue. However, SCO has released a patch to address this vulnerability.

Short Description

A local overflow exists in SCO OpenServer. The 'auditsh' program fails to validate the length of input to the TERM environment variable resulting in a buffer overflow. With a specially crafted request, an attacker can cause an escalation of privileges resulting in a loss of integrity.

References:

Vendor Specific Advisory URL Related OSVDB ID: 8836 Related OSVDB ID: 8841 Related OSVDB ID: 8842 Related OSVDB ID: 8840 Related OSVDB ID: 8838 Related OSVDB ID: 8839 Mail List Post: http://marc.theaimsgroup.com/?l=vuln-dev&m=99255309504106&w=2 ISS X-Force ID: 7281 CVE-2001-1148