OSVDB ID: 13756

Title: BSD rcvtty Incoming Message Privilege Escalation

Dates

Disclosure: Nov 26, 2000
Discovery: Unknown
Exploit: Nov 26, 2000
Solution: Unknown

Description

BSD contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when the rcvtty component fails to properly drop SGID privileges before executing arbitrary commands contained within incoming messages. A malicious user can prepare a shell script containing the commands, which will execute with the privileges of the tty group. This flaw may lead to a loss of integrity.

Classification

Location: Local Access Required
Attack Type: Input Manipulation
Impact: Loss of Integrity
Exploit: Exploit Available
Disclosure: OSVDB Verified

Solution

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Products

BSDI
  BSD: 3.0, 3.1, 4.0, 4.0.1

References

Credit

  • Vade79 - v9@fakehalo.org


Direct URL: http://osvdb.org/36218