7.1.4

CVSS 7.2 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

local

low complexity

sco

NVD

Published: 2005-10-25

Updated: 2008-09-10

Summary

Stack-based buffer overflow in ppp in SCO Unixware 7.1.3 and 7.1.4, and possibly earlier versions, allows local users to execute arbitrary code via a long argument to the (1) prompt or (2) defprompt command.

Vulnerable Configurations

Part	Description	Count
OS	Sco SCO Unixware 7.1.3 SCO Unixware 7.1.4	2

References

ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.41/SCOSA-2005.41.txt
http://secunia.com/advisories/17275
http://securityreason.com/securityalert/101
http://securitytracker.com/id?1015098
http://www.idefense.com/application/poi/display?type=vulnerabilities
http://www.osvdb.org/20155
http://www.securityfocus.com/bid/15159