header-logo
Suggest Exploit
vendor:
wmcdplay
by:
SecurityFocus
7.2
CVSS
HIGH
Buffer Overflow
119
CWE
Product Name: wmcdplay
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: No
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Unix
2002

wmcdplay Buffer Overflow

wmcdplay is cdplayer generally used with the WindowMaker X11 window-manager on unix systems. While wmcdplay is rarely installed at all by default, when it is installed it is typically set setuid root. wmcdplay is vulnerable to a buffer overflow attack due to lack of bounds checking on an argument it is passed. As a result, a local user can elevate their priviliges to root through overruning the stack and executing arbitrary code with the effective user-id of the process (root).

Mitigation:

Ensure that wmcdplay is not installed with setuid root privileges.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/1047/info
 
wmcdplay is cdplayer generally used with the WindowMaker X11 window-manager on unix systems. While wmcdplay is rarely installed at all by default, when it is installed it is typically set setuid root. wmcdplay is vulnerable to a buffer overflow attack due to lack of bounds checking on an argument it is passed. As a result, a local user can elevate their priviliges to root through overruning the stack and executing arbitrary code with the effective user-id of the process (root).

https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/19803.tar.gz

Navigation

Suggest Exploit

Services By CQR