Caldera UnixWare Message Catalog Environment Variable Format String Vulnerability

Caldera UnixWare Message Catalog Environment Variable Format String Vulnerability

UnixWare is a commercially available Unix Operating System. It was originally developed by SCO, and is now distributed and maintained by Caldera.

A format string vulnerability in the locale subsystem could lead to a user gaining elevated privileges. A local user could potentially supply maliciously crafted message catalogs through the LC_MESSAGES environment variable. This could allow a local user to load arbitrary message catalogs into setuid or setgid programs, and execute arbitrary code with setuid/setgid privileges.