Title: Multiple Vendor BNU uucpd Buffer Overflow Vulnerability
Severity: MODERATE
Description:
After a user successfully logs into a system through uucpd,
the daemon attempts to record wtmp information.
However, due to insufficient bounds checking, a buffer
overflow can result when uucpd copies the connecting
hostname into a buffer with a predefined size.
By overwriting the buffer, the attacker can manipulate
the stack and execute their own commands, possibly gaining
root access to the system.
The attacker must have an account on the system in order
to exploit this.
This problem is present in BNU uucpd, which is not
installed by default on every operating system and
may not always run as root.
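The class of fix for the copy described above, as an added example (not code from uucpd or from any vendor patch): a length-checked copy of the connecting hostname into a fixed-size record field. The struct layout, the HOST_FIELD size and the function name are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

#define HOST_FIELD 16   /* assumed size; real wtmp host fields vary by OS */

/* Hypothetical stand-in for a wtmp record; not the layout of any real OS. */
struct login_rec {
    char line[8];
    char name[8];
    char host[HOST_FIELD];  /* fixed-size, like the buffer in the advisory */
};

/*
 * Unsafe pattern of the kind the advisory describes (comment only):
 *     strcpy(rec->host, remote_host);   -- no check on the source length
 *
 * Bounded version: copies at most HOST_FIELD-1 bytes, always NUL-terminates,
 * and reports truncation so the caller can log or refuse the session.
 * Returns 0 if the name fit, 1 if it was truncated, -1 on bad arguments.
 */
int set_record_host(struct login_rec *rec, const char *remote_host)
{
    size_t n;

    if (rec == NULL || remote_host == NULL)
        return -1;

    n = strlen(remote_host);
    memset(rec->host, 0, sizeof rec->host);
    if (n >= sizeof rec->host) {
        memcpy(rec->host, remote_host, sizeof rec->host - 1);
        return 1;
    }
    memcpy(rec->host, remote_host, n);
    return 0;
}

int main(void)
{
    struct login_rec rec;
    /* Constructed sample input: a hostname longer than the field. */
    const char *longname = "very-long-client-name.example.org";
    int rc = set_record_host(&rec, longname);

    printf("rc=%d host=\"%s\"\n", rc, rec.host);
    return 0;
}
```

A return value of 1 is worth logging: a peer presenting a hostname longer than the record field is unusual for legitimate UUCP traffic.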
Affected Products:
- Digital OSF/1 1.2.0
- Digital OSF/1 1.3.0
- Digital OSF/1 1.3.0A
- Digital OSF/1 2.0.0
- Digital OSF/1 2.0.0B
- Digital OSF/1 2.1.0
- Digital OSF/1 2.1.0B
- NetBSD NetBSD 1.3.0
- NetBSD NetBSD 1.3.1
- OpenBSD OpenBSD 2.2.0
- OpenBSD OpenBSD 2.4.0
- Sun Solaris 2.2.0
- Sun Solaris 2.3.0
- Sun Solaris 2.4.0
- Sun Solaris 2.4.0_x86
- Sun Solaris 2.5.0
- Sun Solaris 2.5.0_x86
- Sun Solaris 2.5.1
- Sun Solaris 2.5.1_ppc
- Sun Solaris 2.5.1_x86
- Sun SunOS 4.1.3
- Sun SunOS 4.1.3 _U1
- Sun SunOS 4.1.3 c
- Sun SunOS 4.1.4