(Vendor Confirms and Plans Fix) Re: SkyStream Networks Edge Media Router (EMR-5000) Command Shell Buffer Overflow Lets Remote Authenticated Users Gain Root Privileges
|
|
SecurityTracker Alert ID: 1005902 |
|
SecurityTracker URL: http://securitytracker.com/id/1005902
|
|
CVE Reference:
GENERIC-MAP-NOMATCH
(Links to External Site)
|
Date: Jan 7 2003
|
Impact:
Execution of arbitrary code via network, Root access via network
|
Vendor Confirmed: Yes
|
Version(s): EMR-5000; 1.16, 1.17, 1.18
|
Description:
A vulnerability was reported in the SkyStream Edge Media Router 5000 (EMR-5000). A remote authenticated user may be able to gain root privileges the device.
Global InterSec reported that there is a buffer overflow in the processing of user-supplied input in the shell. A remote authenticated user can connect via telnet and trigger the overflow to execute arbitrary code with root privileges. According to the report, a 1052 byte command line entry can be used to demonstrate the flaw and will result in a segmentation fault.
The vendor has reportedly been notified.
The original advisory is available at:
http://www.globalintersec.com/adv/skystream-2002101601.txt
|
Impact:
A remote authenticated user can execute arbitrary code on the system with root privileges.
|
Solution:
The vendor has confirmed the vulnerability and indicated that a fix will be included in version 2.4, to be released mid-year 2003.
|
Vendor URL: www.skystream.com/products/emr5000.stm (Links to External Site)
|
Cause:
Boundary error
|
Underlying OS:
|
|
Message History:
This archive entry is a follow-up to the message listed below.
|
Source Message Contents
|
Date: Tue, 07 Jan 2003 15:08:52 -0500
Subject: SkyStream planned bug fix
|
The vendor has confirmed the issue reported in the second Global Intersec advisory (Alert
ID 1005862) and will plans to include a fix in version 2.4. That version is planned for
release in mid-year 2003.
|
|
