|
|
Info |
Last Modified |
| 6 months ago |
|
|
|
|
Description |
A remote overflow exists in WorldView on IRIX. The jserver fails to validate input resulting in a buffer overflow. With a specially crafted request, such as a long string with a Wnn command (JS_OPEN, JS_MKDIR or JS_FILE_INFO), an attacker can execute arbitrary shellcode as root, resulting in a loss of integrity.
|
|
Classification |
Location:
Remote/Network Access Required
Attack Type:
Input Manipulation
Impact:
Loss of Integrity
Exploit:
Exploit Available
Disclosure:
OSVDB Verified
|
|
Technical |
This vulnerability is only present in the Japanese, Korean, and Chinese WorldView products.
|
|
Solution |
The steps below can be used to minimize exposure to the WorldView
vulnerability. (Translated from Japanese).
1) Become the root user on the system.
% /bin/su -
Password:
#
2) Verify WorldView is installed. Only systems that have WorldView installed are vulnerable.
# versions -b
I WorldView_base_jp 05/06/1998 WorldView Base Japanese 6.5
I WorldView_books_jp 05/06/1998 WorldView Books: Japanese 6.5
I WorldView_fonts_jp1 05/06/1998 WorldView Fonts Japanese, 6.5
I WorldView_japanese 05/06/1998 WorldView Japanese 6.5
3) If the WorldView is not currently needed, disable the jserver.
# chkconfig jserver off
Note: This will disable Japanese character input support.
4) Add the following lines to the files /etc/password and /etc/group with a text editor like vi.
/etc/passwd:
wnn:*:127:127:Wnn System Account:/usr/lib/wnn6:/bin/sh
/etc/group:
wnn:*:127
5) Change the owner of the WNN related files.
# chown -R wnn.sys /usr/bin/Wnn6
# chown -R wnn.sys /usr/lib/wnn6
6) Verify that the file ownership changes have been made.
# ls -ls /usr/bin/Wnn6/jserver
1136 -r-sr-xr-x 1 wnn sys 578660
# ls -ls /usr/lib/wnn6/serverdefs
8 -rw-r--r-- 1 wnn sys 662
7) Reboot the system.
# reboot
|
|
Products |
|
WorldView
 |
Unknown or Unspecified |
|
|
|
|
|
|
Credit |
- UNYUN - shadowpenguin
 backsection.net -
|
|
BlogsProvided by Technorati
|
None found at this time
|
|
|
