OSVDB ID: 16057 Title: ArcInfo Workstation lockmgr Local Format String |
Info |
|
|
Dates |
||||
|
|
Description |
A format string vulnerability exists in the ArcInfo Workstation 'lockmgr' utility. The lockmgr binary improperly validates the format of an environment variable resulting in a segment violation overflow. With a specially crafted request, an attacker can cause execution of arbitrary code with root privileges resulting in a loss of confidentiality and integrity. |
Classification |
Location:
Local Access Required
Attack Type: Input Manipulation Impact: Loss of Confidentiality, Loss of Integrity Exploit: Exploit Available Disclosure: OSVDB Verified |
Solution |
Install the vendor's patch to version 9.0, as it has been reported to fix this vulnerability. Patches for ArcInfo Workstation 9.0 are available for the AIX, HP/UX, SGI/IRIX, Solaris - SunOS, and Tru64 platforms. It is also possible to reduce the possibility of the flaw being used for privilege escalation by implementing the following workaround: The ownership of the files in $ARCHOME/bin should be reviewed and any root-owned executables be switched back to the ownership of the normal (non-privileged) ArcInfo install account. |
Products |
|
References |
|
Credit |
|
digitalmunition.com -