TUCoPS :: SCO :: sco5328.htm

/bin/sar buffer overflow
3rd May 2002 [SBWID-5328]
COMMAND

	/bin/sar buffer overflow

SYSTEMS AFFECTED

	Caldera OpenServer OpenServer 5.0.5 sar,cpusar,mpsar

PROBLEM

	Caldera reports thanks to KF [dotslash@snosoft.com] findings :
	

	If the /usr/bin/sar command is given an  exceedingly  long  argument  to
	the o option, it will memory fault. This could allow  a  malicious  user
	to elevate their permissions.

SOLUTION

	Get :
	

	ftp://stage.caldera.com/pub/security/openserver/CSSA-2002-SCO.17

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH