• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Caldera UnixWare/Open Unix NDCFG Buffer Overflow Vulnerability

Caldera UnixWare and Open Unix ship with a utility called ndcfg, which is used for installation, configuration and maintenance of network drivers.

This utility is prone to an exploitable buffer overflow condition which may allow local attackers to gain elevated privileges. The condition is due to insufficient bounds checking of input supplied via the command line when the utility is invoked.