3815 : IRIX gr_osview -D Parameter Local Overflow
Printer | http://osvdb.org/3815 | Email This | Edit Vulnerability

Views This Week

Views All Time

Info

Last Modified

about 1 year ago

Percent Complete

70%

Disclosure

Aug 02, 2000

Discovery

Jan 01, 1997

Dates

Exploit

Unknown

Solution

Unknown

Keywords

No Keywords

Description

A local overflow exists in IRIX. The gr_osview program fails to validate user input resulting in a buffer overflow. With a specially crafted request, an attacker can gain root privileges resulting in a loss of confidentiality, integrity, and/or availability.

Classification

Attack Type: Input Manipulation

Solution

Currently, there are no known workarounds to correct this issue. However, SGI has released a patch to address this vulnerability in the 6.5.x versions. All other versions should upgrade to 6.5.23.

Products

Silicon Graphics, Inc.	IRIX	6.5.x
		6.2
		6.3
		6.4

References

Secunia Advisory ID: 10750
Bugtraq ID: 1526
CVE ID: 2000-0797 (see also: NVD)
ISS X-Force ID: 5062
Vendor Specific Advisory URL: ftp://patches.sgi.com/support/free/security/advisories/20040104-01-P.asc
Other Advisory URL: http://archives.neohapsis.com/archives/bugtraq/2000-07/0461.html
http://www.lsd-pl.net/files/get?IRIX/irx_gr_osview

Credit

Unknown or Incomplete

Blogs

Provided by Technorati

None found at this time

Comments

Add Comment Hide Add Comment

No Comments.

DONATE NOW!

User Status

Account
- Login
- Sign-Up

Quick Searches

Views This Week

Views All Time

Info

Last Modified

Percent Complete

Disclosure

Discovery

Dates

Exploit

Solution

Keywords

Description

Classification

Solution

Products

Silicon Graphics, Inc.

IRIX

References

Credit

Blogs

Comments