SCO OpenServer Auditsh HOME Environment Variable Buffer Overflow Vulnerability
BID:13063
Info
SCO OpenServer Auditsh HOME Environment Variable Buffer Overflow Vulnerability
| Bugtraq ID: | 13063 |
| Class: | Boundary Condition Error |
| CVE: |
CVE-2005-0351 |
| Remote: | No |
| Local: | Yes |
| Published: | Apr 07 2005 12:00AM |
| Updated: | Jul 12 2009 12:56PM |
| Credit: | This issue was reported by the vendor. |
| Vulnerable: |
SCO Open Server 5.0.7 SCO Open Server 5.0.6 |
| Not Vulnerable: | |
Discussion
SCO OpenServer Auditsh HOME Environment Variable Buffer Overflow Vulnerability
SCO OpenServer auditsh application is affected by a local buffer overflow vulnerability.
This issue presents itself when the affected application handles the HOME environment variable.
A successful attack may allow the attacker to gain elevated privileges in the context of the application. It should be noted that the application is installed as setgid audit.
SCO OpenServer 5.0.6 and 5.0.7 are affected by this issue.
SCO OpenServer auditsh application is affected by a local buffer overflow vulnerability.
This issue presents itself when the affected application handles the HOME environment variable.
A successful attack may allow the attacker to gain elevated privileges in the context of the application. It should be noted that the application is installed as setgid audit.
SCO OpenServer 5.0.6 and 5.0.7 are affected by this issue.
Exploit / POC
SCO OpenServer Auditsh HOME Environment Variable Buffer Overflow Vulnerability
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution / Fix
SCO OpenServer Auditsh HOME Environment Variable Buffer Overflow Vulnerability
Solution:
SCO has released advisory SCOSA-2005.15 to address this issue. Please see the referenced advisory for more information.
SCO Open Server 5.0.6
SCO Open Server 5.0.7
Solution:
SCO has released advisory SCOSA-2005.15 to address this issue. Please see the referenced advisory for more information.
SCO Open Server 5.0.6
-
SCO oss646c.txt
ftp://ftp.sco.com/pub/openserver5/oss646c/oss646c.txt -
SCO SCOSA-2005.15
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.15
SCO Open Server 5.0.7
-
SCO SCOSA-2005.15
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.15
References
SCO OpenServer Auditsh HOME Environment Variable Buffer Overflow Vulnerability
References:
References: