Title: Linux xosview Vulnerability
Severity: HIGH
Description:
xosview is an X11 system monitoring application that ships with RedHat 5.1 installed setuid root. A buffer overflow vulnerability was found in Xrm.cc, the offending code listed below:
char userrfilename[1024];
strcpy(userrfilename, getenv("HOME"));
The userfilename can be overflowed and arbritrary code executed to gain root access locally.
Affected Products:
- RedHat Linux 5.1.0
Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.
