IRIX gr_osview Buffer Overflow Vulnerability

Under certain versions of IRIX, the 'gr_osview' command contains a buffer overflow that local attackers can exploit to gain root privileges.

The gr_osview command produces a graphical display of memory-management activity, including memory usage, page faults, TLB activity, and page swapping. This display provides a realtime window into the overall operation of the system. The buffer overflow itself is in the command-line parsing code and can be overflowed via a long user-supplied string.


 

Privacy Statement
Copyright 2010, SecurityFocus