Gatos xatitv Unspecified Buffer Overflow Vulnerability
BID:12273
Info
Gatos xatitv Unspecified Buffer Overflow Vulnerability
| Bugtraq ID: | 12273 |
| Class: | Boundary Condition Error |
| CVE: |
CVE-2005-0016 |
| Remote: | No |
| Local: | No |
| Published: | Jan 17 2005 12:00AM |
| Updated: | Jul 12 2009 09:27AM |
| Credit: | Erik Sjölund is credited with the discovery of this issue. |
| Vulnerable: |
gatos gatos 0.0.5 |
| Not Vulnerable: | |
Discussion
Gatos xatitv Unspecified Buffer Overflow Vulnerability
An unspecified buffer overflow vulnerability affects the gatos xatitv utility, which is setuid by default. This issue is due to a failure of the application to properly validate the length of user-supplied strings prior to copying them into static process buffers.
The details currently available surrounding this issue are insufficient to provide and accurate technical description. It is not known if this issue is triggered by an excessively long command line argument, or by some configuration file parameter, or by some multimedia file parameter.
This BID will be updated as more details are released.
An attacker may leverage this issue to execute arbitrary instructions with the privileges of the superuser. This may potentially lead to privilege escalation or unauthorized access.
An unspecified buffer overflow vulnerability affects the gatos xatitv utility, which is setuid by default. This issue is due to a failure of the application to properly validate the length of user-supplied strings prior to copying them into static process buffers.
The details currently available surrounding this issue are insufficient to provide and accurate technical description. It is not known if this issue is triggered by an excessively long command line argument, or by some configuration file parameter, or by some multimedia file parameter.
This BID will be updated as more details are released.
An attacker may leverage this issue to execute arbitrary instructions with the privileges of the superuser. This may potentially lead to privilege escalation or unauthorized access.
Exploit / POC
Gatos xatitv Unspecified Buffer Overflow Vulnerability
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution / Fix
Gatos xatitv Unspecified Buffer Overflow Vulnerability
Solution:
Debian has released advisory DSA 640-1 along with fixes dealing with this issue. Please see the referenced advisory for more information.
gatos gatos 0.0.5
Solution:
Debian has released advisory DSA 640-1 along with fixes dealing with this issue. Please see the referenced advisory for more information.
gatos gatos 0.0.5
-
Debian gatos_0.0.5-6woody3_i386.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/g/gatos/gatos_0.0.5-6wood y3_i386.deb -
Debian libgatos-dev_0.0.5-6woody3_i386.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/g/gatos/libgatos-dev_0.0. 5-6woody3_i386.deb -
Debian libgatos0_0.0.5-6woody3_i386.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/g/gatos/libgatos0_0.0.5-6 woody3_i386.deb