Solaris cb_reset Buffer Overflow Vulnerability

A buffer overflow vulnerability exists in the 'cb_reset' command included with the SUNWsspop package for SunOS.

The overflow occurs when a string exceeding approximately 600 characters in length is passed to the 'cb_reset' program from the command line. Because the program is installed setuid root, it may be possible for local users to execute arbitrary code/commands with those privileges.


 

Privacy Statement
Copyright 2010, SecurityFocus