header-logo
Suggest Exploit
vendor:
cd9660.util Utility
by:
SecurityFocus
7.2
CVSS
HIGH
Buffer Overrun
120
CWE
Product Name: cd9660.util Utility
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: YES
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2002

Buffer Overrun Vulnerability in cd9660.util Utility

The cd9660.util utility has been reported prone to a local buffer overrun vulnerability. Excessive data supplied as an argument for the probe for mounting switch, passed to the cd9660.util utility will overrun the bounds of a reserved buffer in memory. Because memory adjacent to this buffer has been reported to contain saved values that are crucial to controlling execution flow, a local attacker may potentially influence cd9660.util execution flow into attacker-supplied instructions.

Mitigation:

Input validation should be used to prevent buffer overruns.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/9228/info

The cd9660.util utility has been reported prone to a local buffer overrun vulnerability. Excessive data supplied as an argument for the probe for mounting switch, passed to the cd9660.util utility will overrun the bounds of a reserved buffer in memory. Because memory adjacent to this buffer has been reported to contain saved values that are crucial to controlling execution flow, a local attacker may potentially influence cd9660.util execution flow into attacker-supplied instructions.

./cd9660.util -p `perl -e "print 'A'x512"`

Navigation

Suggest Exploit

Services By CQR