rwhod Buffer Overflow Vulnerability
BID:2298
Info
rwhod Buffer Overflow Vulnerability
| Bugtraq ID: | 2298 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | Yes |
| Published: | Aug 26 1996 12:00AM |
| Updated: | Aug 26 1996 12:00AM |
| Credit: | Reported to bugtraq by David J. Meltzer <[email protected]> on Wed Aug 21 1996. |
| Vulnerable: |
Redhat Linux 4.0 NetBSD NetBSD 1.0 IBM AIX 3.0 x FreeBSD FreeBSD 2.0 |
| Not Vulnerable: | |
Discussion
rwhod Buffer Overflow Vulnerability
Versions of rwho may fail to properly validate user-supplied input argumenting an rwho query. As a result, it is possible for an attacker to construct a query which overflows rwho's input buffer.
If the malicious input is properly structured, a remote attacker can obtain root privilege.
Versions of rwho may fail to properly validate user-supplied input argumenting an rwho query. As a result, it is possible for an attacker to construct a query which overflows rwho's input buffer.
If the malicious input is properly structured, a remote attacker can obtain root privilege.
Exploit / POC
rwhod Buffer Overflow Vulnerability
Currently the SecurityFocus staff are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Currently the SecurityFocus staff are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution / Fix
rwhod Buffer Overflow Vulnerability
Solution:
For users of AIX, new packages of fixes are available for AIX-4.
Solution:
For users of AIX, new packages of fixes are available for AIX-4.
References
rwhod Buffer Overflow Vulnerability
References:
References: