Caldera Open Unix LPSystem Buffer Overflow Vulnerability

Open Unix is a commercial grade UNIX implementation distributed and maintained by Caldera International.

A buffer overflow has been discovered that may allow local users to gain elevated privileges. lpsystem is a program usually installed with setuid privileges necessary to manipulate device files in order to print. However, a buffer overflow in this program has been discovered. This could allow a local user to overwrite stack variables, including the return address, and execute arbitrary code, resulting in an elevation of privileges.


 

Privacy Statement
Copyright 2010, SecurityFocus