Description
Buffer overflow in the client connection routine of libDtSvc.so.1 in CDE Subprocess Control Service (dtspcd) allows remote attackers to execute arbitrary commands.
Affected products
- open_group / cde_common_desktop_environment1.0.1 – 1.0.1
- open_group / cde_common_desktop_environment1.0.2 – 1.0.2
- open_group / cde_common_desktop_environment1.1 – 1.1
- open_group / cde_common_desktop_environment1.2 – 1.2
- open_group / cde_common_desktop_environment2.0 – 2.0
- open_group / cde_common_desktop_environment2.1 – 2.1
References
- MISChttp://ftp.support.compaq.com/patches/.new/html/SSRT-541.shtml
- VENDOR_ADVISORYftp://patches.sgi.com/support/free/security/advisories/20011107-01-P
- MISChttp://www.securityfocus.com/bid/3517
- MISChttp://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/214
- MISCftp://stage.caldera.com/pub/security/openunix/CSSA-2001-SCO.30/
- VENDOR_ADVISORYhttp://www.cert.org/advisories/CA-2002-01.html
- MISChttp://www.kb.cert.org/vuls/id/172583
- MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/7396
- MISChttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A70
- VENDOR_ADVISORYhttp://www.cert.org/advisories/CA-2001-31.html
- VENDOR_ADVISORYhttp://www.securityfocus.com/advisories/3651
- MISChttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A74
- MISChttp://xforce.iss.net/alerts/advise101.php