Info

Disclosure

Nov 29, 2001

Discovery

Unknown

Dates

Exploit

Nov 29, 2001

Solution

Unknown

Description

A local overflow exists in uucp on BSD. The program fails to check bounds, resulting in a buffer overflow. By passing a long string of data, an attacker can execute arbitrary code on the system with the privileges of uucp, resulting in a loss of integrity.

Classification

Location: Local Access Required
Attack Type: Input Manipulation
Impact: Loss of Integrity
Exploit: Exploit Available
Disclosure: OSVDB Verified

Solution

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Products

BSDI	BSD	3.0
		3.1
		4.0
		4.0.1
		4.1
		4.2

References

CVE ID: 2001-1541 (see also: NVD)
Bugtraq ID: 3603
ISS X-Force ID: 7633
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2001-11/0271.html

Credit

Izik - iziktty64.org -

Direct URL: http://osvdb.org/36218