CERT® Advisory CA-2001-34 Buffer Overflow in System V Derived Login

Alan Vidmar Alan.Vidmar at Colorado.edu
Thu Dec 13 16:44:30 GMT 2001


CERT® Advisory CA-2001-34 Buffer Overflow in System V Derived Login:
Original release date: December 12, 2001

http://www.cert.org/advisories/CA-2001-34.html

Systems Affected:

IBM AIX versions 4.3 and 5.1 
Hewlett-Packard's HP-UX 
SCO OpenServer 5.0.6 and earlier 
SGI IRIX 3.x 
Sun Solaris 8 and earlier 

Overview:

Several applications use login for authentication to the system. A remotely
exploitable buffer overflow exists in login derived from System V. Attackers can
exploit this vulnerability to gain root access to the server. 


"A programmer is a person who turns coffee into software."
Alan R. Vidmar                   Assistant Director of IT
Office of Financial Aid            University of Colorado
Alan.Vidmar at Colorado.EDU                    (303)492-3598
*** This message printed with 100% recycled electrons ***



More information about the unisog mailing list