bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/sco/dos/20739.txt
Offensive Security 36c084c351 DB: 2021-09-03 
45419 changes to exploits/shellcodes

2 new exploits/shellcodes

Too many to list!
2021-09-03 13:39:06 +00:00

12 lines
No EOL
620 B
Text
Raw Permalink Blame History

source: https://www.securityfocus.com/bid/2557/info
SCO OpenServer 5.0.6 (and possibly earlier versions) ships with several suid bin executables used in printer administration and related tasks.
This includes lpusers, a component used to set the queue priority of jobs submitted to the LP print service by users.
'lpusers' contains a locally exploitable buffer overflow vulnerability that occurs when commandline arguments are of excessive length.
If properly exploited, this can yield root privilege to the attacker.
/opt/K/SCO/Unix/5.0.6Ga/usr/lib/lpusers -u `perl -e 'print "A" x 700'`
Memory fault - core dumped
Reference in a new issue View git blame Copy permalink