Press CTRL-D to bookmark us
Welcome Guest Login / Register / Members
Search in  
Top Submit newsSubscribe
Communication | Computer Crime | Digital Audio, Video, Photo | General News | Hardware | Internet | Mobile | PDA | Security | Software | Vulnerability |
Previous articleBack to news listNext article
 

 Sponsored links

Want to become one of our authors and see your work published on ALLSeek.iNFO ?
 
 Sympa Buffer Overflow in 'queue.c' Lets Local Users Gain Elevated Privileges
Categorie: Vulnerability
Posted: 2005-02-15 by ReCall
Views: 456
Source: Click here
 		Current Rating: Not rated
Poor Best
 Details
Description: A vulnerability was reported in sympa. A local user may be able to obtain elevated privileges.

A local user can supply a specially crafted 'listname' parameter to trigger a buffer overflow and execute arbitrary code on the target system. On some systems, sympa is installed with set user id (setuid) 'sympa' user privileges, so the local user can obtain sympa user privileges.

The flaw resides in 'src/queue.c'.

Erik Sjolund discovered this flaw.

Impact: A local user can execute arbitrary code with 'sympa' user privileges.

Solution: The vendor has released a fixed version (4.1.3), available at:

http://www.sympa.org/
 
Syndication
Permalink Email this

The URI to TrackBack this entry is:
http://allseek.info/news/trackback.php?id=1360

User comments (post your comments here)

Only registerd members can post comments and articles
 
Previous articleBack to news listNext article
 


InterJOB.su
Bookmark us | Set As Homepage | Advertising | Contact Us | Recomend us | Link us | Links | Terms

SpyLOG Page Rank Checker
LAST QUERIES