J-Security Center

Title: Ultrix DXTerm Setup Parameter Local Buffer Overflow Vulnerability

Severity: HIGH

Description:

Ultrix dxterm is reported to be prone to a buffer overflow vulnerability. The issue presents itself when dxterm handles a 'setup' command line argument that is greater than 255 bytes in length.

When this argument is passed to the dxterm executable, the string is copied into a reserved buffer in memory. Data that exceeds the size of the reserved buffer will overflow its bounds and will trample any saved data that is adjacent to the affected buffer.

Because variables that are crucial to controlling program execution flow for dxterm are stored adjacent to the affected buffer, an attacker may corrupt these values and influence dxterm program execution flow into attacker-controlled memory. Ultimately this may lead to the execution of arbitrary instructions in the context of the root user.
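The unchecked copy described above, next to a length-checked form, as an added example that is not dxterm source code. The 256-byte buffer size is an assumption inferred from the 255-byte limit in the description, and every identifier is hypothetical.

```c
#include <stdio.h>
#include <string.h>

/* Assumption: a 256-byte buffer, inferred from the advisory's 255-byte limit.
 * All names here are hypothetical and not taken from dxterm. */
#define SETUP_BUF_SIZE 256

struct term_state {
    char setup[SETUP_BUF_SIZE];  /* destination for the 'setup' argument */
    unsigned long control;       /* stands in for adjacent control data */
};

/* Vulnerable pattern, shown for contrast and never called here: strcpy()
 * stops only at the source's NUL, so a long argument writes past setup[]. */
void store_setup_unchecked(struct term_state *st, const char *arg)
{
    strcpy(st->setup, arg);
}

/* Hardened form: confirm the argument and its terminator fit before copying.
 * Returns 0 on success, -1 when the argument is rejected. */
int store_setup_checked(struct term_state *st, const char *arg)
{
    size_t len = 0;
    if (st == NULL || arg == NULL)
        return -1;
    while (len < sizeof st->setup && arg[len] != '\0')
        len++;
    if (len == sizeof st->setup)   /* no NUL within 256 bytes: too long */
        return -1;
    memcpy(st->setup, arg, len + 1);
    return 0;
}

/* Constructed input: a 300-byte argument must be rejected and must leave
 * both the buffer and the adjacent field untouched. Returns 1 if so. */
int oversized_is_rejected(void)
{
    struct term_state st = { "", 0xC0FFEEUL };
    char big[301];
    memset(big, 'A', 300);
    big[300] = '\0';
    return store_setup_checked(&st, big) == -1
        && st.control == 0xC0FFEEUL && st.setup[0] == '\0';
}

int main(void) { printf("rejected: %d\n", oversized_is_rejected()); return 0; }
```

Rejecting the argument outright, rather than silently truncating it, keeps the program from running with a setup string the caller did not intend.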

Affected Products:

  • Ultrix dxterm 0.0.0
