• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

SCO OpenServer Termsh HOME Environment Variable Buffer Overflow Vulnerability

SCO OpenServer termsh application is affected by a local buffer overflow vulnerability.

An attacker can supply an excessive string value through the HOME variable to overflow a finite sized destination buffer.

A successful attack may allow the attacker to gain elevated privileges in the context of the application. It should be noted that the application is installed as setgid auth.

SCO OpenServer 5.0.6 and 5.0.7 are affected by this issue.