A buffer overflow in bnuconvert, part of the UUCP package on SCO systems, can allow an intruder to gain elevated privileges.
SCO UnixWare 7 ships with a utility package called UUCP. The UUCP package allows for the copying of files between different UNIX systems and the sending of commands for execution on a remote system. There is a buffer overflow in the bnuconvert application, which is part of the package. A malicious user can use these vulnerabilities to gain elevated privileges.
A local user can gain elevated privileges.
Caldera has released binaries that fix the problem. They are located at ftp://ftp.sco.com/pub/security/unixware/sr847405/.
This vulnerability was reported in a Caldera-SCO security advisory
This document was written by Jason Rafail.
|Date First Published:||2001-07-27|
|Date Last Updated:||2001-07-27 19:45 UTC|