VULHUB ™

It is reported that SERCD and SREDIRD both contain a buffer overflow vulnerability. This issue is due to a failure of the applications to properly perform bounds checks on user-supplied input before copying it to a buffer of finite size. Successful exploitation of this issue will allow an attacker to execute arbitrary code on the affected computer with the privileges of the affected package. These processes are commonly run as the superuser in order to access the serial port. Versions of SERCD prior to 2.3.1, and all known versions of SREDIRD are reported susceptible to this vulnerability. BID 11002 was split into this BID and BID 11031.

It is reported that SERCD and SREDIRD both contain a buffer overflow vulnerability. This issue is due to a failure of the applications to properly perform bounds checks on user-supplied input before copying it to a buffer of finite size. Successful exploitation of this issue will allow an attacker to execute arbitrary code on the affected computer with the privileges of the affected package. These processes are commonly run as the superuser in order to access the serial port. Versions of SERCD prior to 2.3.1, and all known versions of SREDIRD are reported susceptible to this vulnerability. BID 11002 was split into this BID and BID 11031.