AFD multiple suid binary buffer overflows

afd-multiple-binaries-bo (10036) The risk level is classified as HighHigh Risk

Description:

Automatic File Distributor (AFD) is vulnerable to buffer overflows in multiple suid binaries. By passing an overly long string to one of the affected binaries using the -w command line option or setting the corresponding environment variable to a overly large value, a local attacker could overflow a buffer in the targeted suid binary and execute arbitrary code on the system with root privileges.

The following binaries are affected: afd, afdcmd, afd_ctrl, init_afd, mafd, mon_ctrl, show_olog, udc, and work_dir.


Consequences:

Gain Privileges

Remedy:

Upgrade to the latest version of AFD (1.2.15 or later), available from the DWD Web site. See References.

References:

  • BugTraq Mailing List, Wed Sep 04 2002 - 09:59:51 CDT : AFD 1.2.14 multiple local root compromises .
  • DWD Web site: Downloading AFD.
  • Netric Security Team Advisory netric-adv008: AFD 1.2.14 multiple local root exploits.
  • BID-5626: Multiple AFD Working Directory Local Buffer Overflow Vulnerabilities
  • CVE-2002-1503: Buffer overflow in Automatic File Distributor (AFD) 1.2.14 and earlier allows local users to gain privileges via a long MON_WORK_DIR environment variable or -w (workdir) argument to (1) afd, (2) afdcmd, (3) afd_ctrl, (4) init_afd, (5) mafd, (6) mon_ctrl, (7) show_olog, or (8) udc.
  • OSVDB ID: 14542: Automatic File Distributor (AFD) afd MON_WORK_DIR Environment Variable Local Overflow
  • OSVDB ID: 14543: Automatic File Distributor (AFD) afdcmd MON_WORK_DIR Environment Variable Local Overflow
  • OSVDB ID: 14544: Automatic File Distributor (AFD) afd_ctrl MON_WORK_DIR Environment Variable Local Overflow
  • OSVDB ID: 14545: Automatic File Distributor (AFD) init_afd MON_WORK_DIR Environment Variable Local Overflow
  • OSVDB ID: 14546: Automatic File Distributor (AFD) mafd Multiple Variable Local Overflow
  • OSVDB ID: 14547: Automatic File Distributor (AFD) mon_ctrl Multiple Variable Local Overflow
  • OSVDB ID: 14548: Automatic File Distributor (AFD) show_olog MON_WORK_DIR Environment Variable Local Overflow
  • OSVDB ID: 14549: Automatic File Distributor (AFD) udc MON_WORK_DIR Environment Variable Local Overflow

Platforms Affected:

  • DWD AFD (Automatic File Distributor) 1.2.14

Reported:

Sep 04, 2002

The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

For corrections or additions please email ignore thisxforceignore this@ignore thisus.ignore thisibm.comignore this

Return to the main page