AOH :: SCO :: SCO5328.HTM

AOH :: SCO :: SCO5328.HTM
/bin/sar buffer overflow

3rd May 2002 [SBWID-5328]

COMMAND

	/bin/sar buffer overflow

SYSTEMS AFFECTED

	Caldera OpenServer OpenServer 5.0.5 sar,cpusar,mpsar

PROBLEM

	Caldera reports thanks to KF [dotslash@snosoft.com] findings :
	

	If the /usr/bin/sar command is given an  exceedingly  long  argument  to
	the o option, it will memory fault. This could allow  a  malicious  user
	to elevate their permissions.

SOLUTION

	Get :
	

	ftp://stage.caldera.com/pub/security/openserver/CSSA-2002-SCO.17

The entire AOH site is optimized to look best in Firefox® 3 on a widescreen monitor (1440x900 or better). Site design & layout copyright © 1986-2010 AOH
We do not send spam. If you have received spam bearing an artofhacking.com email address, please forward it with full headers to abuse@artofhacking.com.