Info

Disclosure

Aug 05, 2005

Discovery

Unknown

Dates

Exploit

Aug 05, 2005

Solution

Unknown

Description

A local buffer overflow exists in the "edituser" comand on Lantronix console servers. The "edituser" command fails to check its command line arguments resulting in a stack overflow. With a specially crafted argument, an attacker can gain administrative privileges resulting in a full compromise.

Classification

Location: Local Access Required
Attack Type: Input Manipulation
Impact: Loss of Integrity
Exploit: Exploit Available
Disclosure: OSVDB Verified

Solution

Upgrade to firmware version 4.4.1 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Products

Lantronix	Lantronix Secure Console Server SCS820	4.3
	Lantronix Secure Console Server SCS1620	4.3
	Lantronix Secure Console Server SCS3205	4.3
	Lantronix Secure Console Server SCS4805	4.3

References

Secunia Advisory ID: 16345
Related OSVDB ID: 18595 18596
Keyword: An open security advisory #11
Mail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2005-08/0137.html
Other Advisory URL: http://open-security.org/advisories/11
Vendor URL: http://www.lantronix.com

Credit

c0ntex - c0ntexopen-security.org - Open Security Group

Direct URL: http://osvdb.org/36218

Info

Disclosure

Discovery

Dates

Exploit

Solution

Description

Classification

Solution

Products

Lantronix

Lantronix Secure Console Server SCS820

Lantronix Secure Console Server SCS1620

Lantronix Secure Console Server SCS3205

Lantronix Secure Console Server SCS4805

References

Credit