header-logo
Suggest Exploit
vendor:
utempter
by:
Unknown
N/A
CVSS
N/A
Input validation error, failure to validate buffer boundaries
Unknown
CWE
Product Name: utempter
Affected Version From: Unknown
Affected Version To: Unknown
Patch Exists: Unknown
Related CWE:
CPE: Unknown
Metasploit:
Other Scripts:
Platforms Tested: Unknown
Unknown

utempter local vulnerabilities

The first issue is an input validation error that allows for symbolic link attacks, potentially leading to corruption of system files. The second issue is a failure to properly validate buffer boundaries, which may result in crashes and potentially allow for arbitrary code execution.

Mitigation:

Unknown
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/10178/info

It has been reported that utempter is affected by multiple local vulnerabilities. The first issue is due to an input validation error that causes the application to exit improperly; facilitating symbolic link attacks. The second issue is due to a failure of the application to properly validate buffer boundaries.

The first issue results in a symbolic link vulnerability. Since utempter runs with root privileges, this issue could be leveraged to corrupt arbitrary, attacker-specified system files.

The second problem presents itself when utempter processes certain strings. These errors may cause the affected process to crash. It has been conjectured that this may be leveraged to execute arbitrary code on the affected system, however this is currently unverified.

An attacker would create the following symbolic link that references an arbitrary system file:

/tmp/tty0

The attacker would then provide the following device descriptor string to the application:

/dev/../tmp/tty0