11 lines
No EOL
666 B
Text
11 lines
No EOL
666 B
Text
source: https://www.securityfocus.com/bid/3404/info
|
|
|
|
Progress is a commercial database for Microsoft Windows and Unix systems.
|
|
|
|
Locally exploitable buffer overflows are prevalent throughout many Progress Database programs. This is largely due to insufficient bounds checking of data which is externally supplied to strcpy functions.
|
|
|
|
These problems could be exploited to allow a local attacker to execute arbitrary code on a host with the privileges of each individual affected program.
|
|
|
|
This situation could be leveraged by the attacker to gain root privileges on the host.
|
|
|
|
https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/21117.tar |