local privilege escalation in scotty

2001-07-0216:45:23

lists.opensuse.org

0.0004 Low

EPSS

Percentile

0.4%

JSON

Tkined’s Scotty is a Tcl extension to build network management applications. Ntping, a ping/traceroute program, is part of the Scotty package. It’s failure is to read a hostname as commandline option without checking the size. This leads to a bufferoverrun, that could be used to gain root privileges, because ntping is installed setuid root and is executeable by everyone.

OSVersionArchitecturePackageVersionFilename
openSUSE7.0i386scotty< 2.1.10-315scotty-2.1.10-315.i386.rpm
openSUSE7.0ppcscotty< 2.1.10-274scotty-2.1.10-274.ppc.rpm
openSUSE7.0alphascotty< 2.1.10-273scotty-2.1.10-273.alpha.rpm
openSUSE7.0sparcscotty< 2.1.10-268scotty-2.1.10-268.sparc.rpm
openSUSE6.4alphascotty< 2.1.10-272scotty-2.1.10-272.alpha.rpm
openSUSE6.4i386scotty< 2.1.10-314scotty-2.1.10-314.i386.rpm
openSUSE6.3i386scotty< 2.1.10-314scotty-2.1.10-314.i386.rpm
openSUSE6.3alphascotty< 2.1.10-274scotty-2.1.10-274.alpha.rpm

OS	Version	Architecture	Package	Version	Filename
openSUSE	7.0	i386	scotty	< 2.1.10-315	scotty-2.1.10-315.i386.rpm
openSUSE	7.0	ppc	scotty	< 2.1.10-274	scotty-2.1.10-274.ppc.rpm
openSUSE	7.0	alpha	scotty	< 2.1.10-273	scotty-2.1.10-273.alpha.rpm
openSUSE	7.0	sparc	scotty	< 2.1.10-268	scotty-2.1.10-268.sparc.rpm
openSUSE	6.4	alpha	scotty	< 2.1.10-272	scotty-2.1.10-272.alpha.rpm
openSUSE	6.4	i386	scotty	< 2.1.10-314	scotty-2.1.10-314.i386.rpm
openSUSE	6.3	i386	scotty	< 2.1.10-314	scotty-2.1.10-314.i386.rpm
openSUSE	6.3	alpha	scotty	< 2.1.10-274	scotty-2.1.10-274.alpha.rpm

0.0004 Low

EPSS

Percentile

0.4%

JSON

Related for SUSE-SA:2001:023

cve1