Playmidi Buffer Overflow in Processing Filename May Let Local Users Obtain Elevated Privileges
|
|
SecurityTracker Alert ID: 1012957
|
|
SecurityTracker URL: http://securitytracker.com/id?1012957
|
|
CVE Reference: CAN-2005-0020
(Links to External Site)
|
|
OSVDB Reference: 13049
(Links to External Site)
|
Date: Jan 20 2005
|
Impact: Execution of arbitrary code via local system, Root access via local system, User access via local system
|
Version(s): 2.5 and prior versions
|
Description: A buffer overflow vulnerability was reported in playmidi. A local user can execute arbitrary code, potentially with elevated privileges.
Various Linux distribution vendors reported that a local user can trigger a buffer overflow in the processing of the filename. If
the application is installed with set user id (setuid) privileges, a local user can execute arbitrary code with elevated privileges.
The
flaw resides in 'playmidi.c'.
Erik Sjolund is credited with discovering this flaw.
|
Impact: A local user can execute arbitrary code with the privileges of playmidi. On some systems, this may yield root user privileges.
|
Solution: No solution was available at the time of this entry.
|
Vendor URL: playmidi.sourceforge.net/ (Links to External Site)
|
Cause: Boundary error
|
Underlying OS: Linux (Any), UNIX (Any)
|
|
Message History:
This archive entry has one or more follow-up message(s) listed below.
|
Source Message Contents
|
Date: Thu, 20 Jan 2005 12:28:18 -0500
Subject: [none]
|
CVE: CAN-2005-0020
Various Linux distribution vendors reported a buffer overflow vulnerability in
playmidi. A local user can execute arbitrary code. If the application is installed
with set user id (setuid) privileges, a local user can obtain elevated privileges.
Erik Sjolund is credited with discovering this flaw.
|
|
