GNOME espeaker Local Buffer Overflow Vulnerability

A buffer overflow vulnerabilityin GNOME's shared libraries handling of the 'espeaker' command line argument may allow local users to attack setuid binaries linked against these libraries to obtain root access.

Calling a program linked against GNOME with the command like arguments '--enable-sound --espeaker=<80 byte buffer>' results in a buffer overflow.

One known setuid root program linked against these libraries in the Mandrake 6.0 distribution is '/usr/games/nethack'.

It is likely this is a vulnerability in the libesd shared library instead of libgnome. In that case esound 0.2.8 would be vulnerable.


Privacy Statement
Copyright 2010, SecurityFocus