VULHUB ™

A buffer overflow exists in the mopd daemon, shipped with a number of popular operating systems. By supplying a filename containing the proper format strings (% strings), it is possible for a remote attacker to overwrite values on the stack. It may be possible to use this capability to execute arbitrary code on the affected machine. To check for a vulnerable version, it is possible to look in the mopProcessDL() function, in process.c. If the pfile[] buffer is declared to be 17 bytes, it is vulnerable.

A buffer overflow exists in the mopd daemon, shipped with a number of popular operating systems. By supplying a filename containing the proper format strings (% strings), it is possible for a remote attacker to overwrite values on the stack. It may be possible to use this capability to execute arbitrary code on the affected machine. To check for a vulnerable version, it is possible to look in the mopProcessDL() function, in process.c. If the pfile[] buffer is declared to be 17 bytes, it is vulnerable.