OSVDB ID: 4503

Title: CDE Subprocess Control Service (dtspcd) libDtSvc.so.1 Remote Overflow

Info

Dates

Disclosure: Jul 10, 2002
Discovery: Unknown
Exploit: Jul 10, 2002
Solution: Unknown

Description

A remote overflow exists in CDE dtspcd. dtspcd fails to perform proper bounds checking within 'libDtSvc' resulting in a buffer overflow. With a specially crafted request, an attacker can cause arbitrary code execution resulting in a loss of integrity.

Classification

Location: Remote / Network Access
Attack Type: Input Manipulation
Impact: Loss of Integrity
Exploit: Exploit Public, Exploit Commercial
Disclosure: OSVDB Verified

Solution

Currently, there are no known workarounds to correct this issue. However, each respective vendor has released a patch and/or new software versions to address this vulnerability.

Products

Caldera Systems, Inc.

  • UnixWare: 7
  • OpenUnix: 8.0

Compaq

  • Tru64: 4.0 g, 4.0 f, 5.0 a, 5.1 a, 5.1

Hewlett-Packard Development Company, L.P.

  • HP-UX: 10.10, 10.20, 11.0, 11.11

International Business Machines Corporation

  • AIX: 4.0, 4.1.x, 4.2, 4.2.1, 4.3, 4.3.1, 4.3.2, 5.1

Silicon Graphics, Inc.

  • IRIX: 6.1, 6.2, 6.3, 6.4, 6.5.x

Sun Microsystems, Inc.

  • Solaris: 2.4, 2.5, 2.6, 2.7, 2.8

References

Credit

  • Chris Spencer - ISS X-Force


Direct URL: http://osvdb.org/4503