CVE

Id
3388  
CVE No.
CVE-2001-0575  
Status
Candidate  
Description
Buffer overflow in lpshut in SCO OpenServer 5.0.6 can allow a local attacker to gain additional privileges via a long first argument to lpshut.  
Phase
Modified (20020225-01)  
Votes
ACCEPT(3) Baker, Frech, Williams | MODIFY(1) Bishop | NOOP(4) Cole, Foat, Wall, Ziese  
Comments
Bishop> recommend combining as stated in analysis | Baker> http://support.caldera.com/caldera/solution?11=113723&130=0988647911&14=&2715=&15=&2716=&57=search&58=&2900=dckSSu3pru&25=6&3=SSE072B | "What is SSE072B, the buffer overflow security patch for Openserver 5? (Ref. #113723)" | Buffer overflows have been found in the following 19 | SCO OpenServer 5 utilities: | | /usr/bin/accept | /usr/bin/cancel | /usr/mmdf/bin/deliver | /usr/bin/disable | /usr/bin/enable | /usr/lib/libcurses.a | /usr/bin/lp | /usr/lib/lpadmin | /usr/lib/lpfilter | /usr/lib/lpforms | /usr/lib/lpmove | /usr/lib/lpshut | /usr/bin/lpstat | /usr/lib/lpusers | /usr/bin/recon | /usr/bin/reject | /usr/bin/rmail | /usr/lib/sendmail | /usr/bin/tput | | NOTE: the accept, reject, enable, and disable commands are | symbolically linked to the same binary. | | Running any of the above utilities with a very large argument | can result in a core dump.  

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
14663 3388 CVE-2001-0575 BUGTRAQ:20010327 SCO 5.0.6 issues (lpshut)  View
14664 3388 CVE-2001-0575 URL:http://archives.neohapsis.com/archives/bugtraq/2001-03/0404.html  View
14665 3388 CVE-2001-0575 BUGTRAQ:20010412 SSE072B: SCO OpenServer revision of buffer overflow fixes  View
14666 3388 CVE-2001-0575 URL:http://security-archive.merton.ox.ac.uk/bugtraq-200104/0221.html  View
14667 3388 CVE-2001-0575 XF:sco-openserver-lpshut-bo(6290)  View

Related JVN