SCO OpenServer Enable And Disable Multiple Local Buffer Overflow Vulnerabilities

SCO OpenServer Enable And Disable Multiple Local Buffer Overflow Vulnerabilities

Multiple local buffer-overflow vulnerabilities affect SCO OpenServer enable/disable utilities. These issues occur because the application fails to securely copy user-supplied data into sensitive process buffers.

Note that unprivileged users are not permitted to execute the 'enable' and 'disable' utilities. Therefore, attackers must be users who have been assigned the 'lp' privilege by an administrator prior to being able to execute the affected utility and exploit this issue.

An attacker may leverage this issue to execute arbitrary code with the privileges of the superuser. This may facilitate privilege escalation.