• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Solaris UUCP Local Buffer Overflow Vulnerability

A vulnerability has been discovered in the UUCP utility for Solaris. It is possible to trigger a buffer overflow in UUCP by sending excessive data as a user-supplied command line parameter. Although it has not yet been confirmed, it is likely that this issue is exploitable to execute arbitrary code. As UUCP is typically installed setuid root, all commands will be executed with superuser privileges.