Info

Disclosure

Apr 30, 2005

Discovery

Jan 18, 2005

Dates

Exploit

Unknown

Solution

Unknown

Description

A local overflow exists in ESRI ArcInfo Workstation. The "se" binary fails to handle overly long command line arguments issued resulting in a buffer overflow. With a specially crafted request, an attacker can execute arbitrary files with root privileges, resulting in a loss of integrity.

Classification

Location: Local Access Required
Attack Type: Input Manipulation
Impact: Loss of Integrity
Exploit: Exploit Rumored / Private
Disclosure: OSVDB Verified

Solution

Currently, there are no known workarounds or upgrades to correct this issue. However, ESRI has released a patch to address this vulnerability.

Products

ESRI

ArcInfo Workstation

9.0

References

Keyword: #409658 defect number CQ00261045
Security Tracker: 1013852
Bugtraq ID: 13453
Secunia Advisory ID: 15196
Related OSVDB ID: 16057 16058 16059 16060 16061 16063
CVE ID: 2005-1393 (see also: NVD)
ISS X-Force ID: 20372
Mail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2005-04/0656.html
http://archives.neohapsis.com/archives/fulldisclosure/2005-05/0542.html
Vendor Specific Solution URL: http://support.esri.com/index.cfm?fa=downloads.patchesServicePacks.viewPatch&PID= ......
http://support.esri.com/index.cfm?fa=downloads.patchesServicePacks.viewPatch&PID= ......
Vendor URL: http://www.esri.com/

Credit

Kevin Finisterre - kfdigitalmunition.com -

Direct URL: http://osvdb.org/36218