CVE-1999-0369
published 1997-02-01CVE-1999-0369: The Sun sdtcm_convert calendar utility for OpenWindows has a buffer overflow which can gain root access.
PriorityP425high7.2CVSS 2.0
AVLACLAuNCCICAC
EXPLOIT
EPSS
0.81%
52.3th percentile
The Sun sdtcm_convert calendar utility for OpenWindows has a buffer overflow which can gain root access.
Affected
13 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| sun | solaris | — | — |
| sun | solaris | — | — |
| sun | solaris | — | — |
| sun | solaris | — | — |
| sun | sunos | — | — |
| sun | sunos | — | — |
| sun | sunos | — | — |
| sun | sunos | — | — |
| sun | sunos | — | — |
| sun | sunos | — | — |
| sun | sunos | — | — |
| sun | sunos | — | — |
| sun | sunos | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
DG/UX 4.20 lpsched - 'Error Message' Local Buffer Overflow
exploitdb·2001-03-19
CVE-2001-0369 DG/UX 4.20 lpsched - 'Error Message' Local Buffer Overflow
DG/UX 4.20 lpsched - 'Error Message' Local Buffer Overflow
---
// source: https://www.securityfocus.com/bid/2509/info
DGUX is the Data General revision of UNIX. It is designed as a solution for Intel systems produced by Data General.
A problem in the handling of error messages by the printer scheduler could allow arbitrary execution of code. By placing a request to the lpsched program consisting of a long and non-existing host name, it is possible to take advantage of a buffer overflow in the error reporting code of the lpsched program.
Therefore, it is possible for a local user to execute arbitrary code with the euid of root.
/******************************************************************************
* Stack Smasher by Luciano Rocha, (c) 1999 *
* for dgux (Data General's UN*X) o
Exploit-DB
Sun Solaris 7.0 - '/usr/dt/bin/sdtcm_convert' Local Overflow / Local Privilege Escalation
exploitdb·1998-10-23
CVE-1999-0369 Sun Solaris 7.0 - '/usr/dt/bin/sdtcm_convert' Local Overflow / Local Privilege Escalation
Sun Solaris 7.0 - '/usr/dt/bin/sdtcm_convert' Local Overflow / Local Privilege Escalation
---
/*
source: https://www.securityfocus.com/bid/166/info
Sdtcm_convert is a setuid-root data conversion utility which converts OpenWindows version 3 calendar data files to version 4 and vice versa. A buffer overflow condition has been found in sdtcm_convert which may be exploited to obtain root access.
*/
/*=============================================================================
sdtcm_convert Overflow Exploits( for Sparc Edition)
The Shadow Penguin Security (http://base.oc.to:/skyscraper/byte/551)
Written by UNYUN ([email protected])
[usage]
% gcc ex_sdtcm_convert.c (This example program)
% a.out
If no response, hit ctrl+c
#
*/
#define ADJUST 2
#define OFFSET1 4000
#define LENGTH1 260
#def
No writeups or analysis indexed.
1997-02-01
Published