SCO UnixWare/Open UNIX PS Buffer Overflow Vulnerability

info
discussion
exploit
solution
references

SCO UnixWare/Open UNIX PS Buffer Overflow Vulnerability

The SCO UnixWare/Open UNIX ps utility is prone to a locally exploitable buffer overflow condition.

This issue is due to insufficient bounds checking of arguments in command line options.

While this utility is not installed setuid/setgid, it uses the procprivl(SETPRV,pm_work(P_MACREAD) function, which may allow for arbitrary code execution with elevated privileges.