FreeBSD contains a flaw that may allow a malicious local user to gain unauthorized privileges. The issue is triggered when a malicious user misuses the catopen() function: a poorly coded privileged application that reads a valid locale file or message catalog containing specially formatted characters can be made to execute arbitrary code. This flaw may lead to a loss of integrity.
Classification
Location: Local Access Required
Attack Type: Input Manipulation
Impact: Loss of Integrity
Solution
Upgrade to FreeBSD 4.1-STABLE or 3.5-STABLE dated after the correction date, or patch your present system source code and rebuild, as this has been reported to fix the vulnerability. It is also possible to correct the flaw with the following workaround: (1) download the 'scan_locale.sh' and 'test_locale.sh' scripts provided by FreeBSD using the fetch command, (2) verify their md5 checksums, (3) run the scan_locale.sh script, and (4) remove any binaries found that make use of the exploitable function catopen().
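The audit that steps (3) and (4) of the workaround describe, as an added example that is not FreeBSD's scan_locale.sh and not part of the original entry. The function name scan_catopen, the choice of setuid/setgid files as the "privileged" set, and the string-match heuristic are assumptions.

```sh
#!/bin/sh
# Added example (not FreeBSD's scan_locale.sh): list setuid/setgid regular
# files under the given directories whose contents include the symbol name
# "catopen". Treating setuid/setgid as "privileged" is an assumption.
#
# Usage: scan_catopen /bin /sbin /usr/bin /usr/sbin /usr/local/bin

scan_catopen() {
    # -xdev keeps find on each starting filesystem (no network mounts).
    # -perm -4000 matches the setuid bit, -perm -2000 the setgid bit.
    find "$@" -xdev -type f \( -perm -4000 -o -perm -2000 \) -print 2>/dev/null |
    while IFS= read -r f; do
        # Dynamically linked or unstripped binaries keep imported symbol
        # names as plain strings, so a byte-wise search finds them.
        # Limitation: a stripped, statically linked binary carries no
        # symbol name and will not be reported by this heuristic.
        if LC_ALL=C grep -q 'catopen' "$f" 2>/dev/null; then
            printf '%s\n' "$f"
        fi
    done
}
```

Each path printed is a candidate for review or removal under step (4); an empty result does not clear statically linked binaries.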