FreeBSD dc20ctrl port buffer overflow

dc20ctrl-port-bo (6077)

Medium Risk

Description:

Dc20ctrl is vulnerable to a buffer overflow. The dc20ctrl utility is installed setgid dialer. A local attacker can overflow a buffer to gain gid dialer on the system. An attacker can use this vulnerability to gain access to other unauthorized serial port devices.

Platforms Affected:

• FreeBSD, dc20ctrl 0.4
• FreeBSD, FreeBSD 3.5.1
• FreeBSD, FreeBSD 4.2

Remedy:

Upgrade to the latest version of dc20ctrl (0.4_1 dated 2001-02-07 or later), as listed in FreeBSD Security Advisory FreeBSD-SA-01:22. See References.

Consequences:

Gain Privileges

References:

• FreeBSD Security Advisory FreeBSD-SA-01:22, dc20ctrl port contains a locally exploitable buffer overflow yielding gid dialer at http://archives.neohapsis.com/archives/freebsd/2001-02/0083.html.
• SecuriTeam Mailing List, Security Holes & Exploits 15 Feb 2001, DC20Ctrl exploit code released at http://www.securiteam.com/exploits/5TP0B1F3FQ.html.
• CVE-2001-0230: Buffer overflow in dc20ctrl before 0.4_1 in FreeBSD, and possibly other operating systems, allows local users to gain privileges.
• OSVDB ID: 6081: FreeBSD dc20ctrl Local Overflow

Reported:

Feb 07, 2001

The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

Copyright (c) 1994-2008 Internet Security Systems, Inc. All rights reserved worldwide.

For corrections or additions please email xforce@iss.net

Return to the main page