vendor:
N/A
by:
Solar Designer
7.5
CVSS
HIGH
Buffer Overflow
120
CWE
Product Name: N/A
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit:
N/A
Other Scripts:
N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: Linux
1997
Cray UNICOS 9.0/9.2/MAX 1.3/mk 1.5,AIX <= 4.2,Linux libc <= 5.2.18,RedHat 4.0,IRIX 6.2,Slackware 3.1 Natural Language Service (NLS) Vulnerability (2)
A buffer overflow condition affects libraries using the Natural Language Service (NLS). The NLS is the component of UNIX systems that provides facilities for customizing the natural language formatting for the system. It is possible to exploit this vulnerability to attain unauthorized access by supplying carefully crafted arguments to programs that are owned by a privileged user-id and that have setuid or setgid bits set.
Mitigation:
Ensure that the NLSPATH and PATH_LOCALE environment variables are not set to untrusted values.