Info

Disclosure

Oct 05, 2001

Discovery

Unknown

Dates

Exploit

Oct 05, 2001

Solution

Unknown

Description

Progress Database is prone to an overflow condition. The _probrkr utility fails to properly sanitize user-supplied input resulting in a buffer overflow. With a specially crafted input, a local attacker can potentially excute commands.

Classification

Location: Physical Access Required
Attack Type: Input Manipulation
Impact: Loss of Confidentiality, Loss of Integrity
Solution: Solution Unknown
Exploit: Exploit Public
Disclosure: Third-party Verified

Solution

OSVDB is not aware of a solution for this vulnerability.

Products

Unknown or Incomplete

References

Related OSVDB ID: 11900 11901 11902 11903 11904 11906 11907
CVE ID: 2001-1127 (see also: NVD)
Bugtraq ID: 3404
ISS X-Force ID: 7236
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2001-10/0041.html
Packet Storm: http://packetstormsecurity.org/0101-exploits/progress-db.txt

Credit

Unknown or Incomplete

Direct URL: http://osvdb.org/11905