IRIX Buffer Overflow Vulnerability

Certain versions of IRIX ship with a version of a library which is vulnerable to buffer overflow attacks. This library is used in conjunction with graphical programs which use OpenGL. As a result, a number of programs which utilize it can be exploited via this problem. The exploit which is in known public circulation at this time uses both gmemusage and gr_osview to exploit this problem. The buffer overflow itself is in how the library handles the $HOME variable (it is not checked for length). Further, the programs which receive this $HOME variable from the library fail to limit its size, resulting in a buffer overflow. Should the receiving programs be SUID root (as are both gr_osview and gmemusage), the attacker will gain root access.
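The class of bug described above, shown beside a hardened form. This is an added example, not code from the advisory or from IRIX; the function names, the 128-byte buffer and the `/.apprc` file name are assumptions made for illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define PATH_BUF 128  /* constructed size; the advisory does not give the real one */

/* Unsafe pattern of the kind the advisory describes: $HOME is copied
 * into a fixed buffer with no length check. Hypothetical function. */
int build_path_unchecked(const char *home, char out[PATH_BUF])
{
    strcpy(out, home);           /* writes past out when strlen(home) >= PATH_BUF */
    strcat(out, "/.apprc");      /* hypothetical per-user file name */
    return 0;
}

/* Hardened form: reject a missing, relative or over-long value
 * instead of copying it, and never truncate silently. */
int build_path_checked(const char *home, char *out, size_t outlen)
{
    int n;

    if (home == NULL || home[0] != '/')
        return -1;
    n = snprintf(out, outlen, "%s/.apprc", home);
    if (n < 0 || (size_t)n >= outlen) {   /* result would not fit */
        if (outlen > 0)
            out[0] = '\0';
        return -1;
    }
    return 0;
}

int main(void)
{
    char path[PATH_BUF];

    /* In a set-uid program the environment is attacker-controlled input. */
    if (build_path_checked(getenv("HOME"), path, sizeof path) != 0) {
        fprintf(stderr, "refusing to use $HOME: missing, relative or too long\n");
        return 1;
    }
    printf("%s\n", path);
    return 0;
}
```

Because the value crosses from a library into its callers, the length check belongs at every copy into a fixed buffer, not only at the first one.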


Copyright 2010, SecurityFocus