OSVDB ID: 16063 Title: ArcInfo Workstation asrecovery Local Overflow |
Info |
|
|
Dates |
||||
|
|
Description |
A local overflow exists in the ArcInfo Workstation 'asrecovery' utility. The asrecovery binary fails to check the length of parameters given on the command line resulting in a segment violation overflow. With a specially crafted request, an attacker may be able to cause execution of arbitrary code with root privileges resulting in a loss of confidentiality and integrity. |
Classification |
Location:
Local Access Required
Attack Type: Input Manipulation Impact: Loss of Confidentiality, Loss of Integrity Exploit: Exploit Unknown Disclosure: OSVDB Verified |
Solution |
Install the vendor's patch to version 9.0, as it has been reported to fix this vulnerability. Patches for ArcInfo Workstation 9.0 are available for the AIX, HP/UX, SGI/IRIX, Solaris - SunOS, and Tru64 platforms. It is also possible to reduce the possibility of the flaw being used for privilege escalation by implementing the following workaround: The ownership of the files in $ARCHOME/bin should be reviewed and any root-owned executables be switched back to the ownership of the normal (non-privileged) ArcInfo install account. |
Products |
|
References |
|
Credit |
|
digitalmunition.com -