VULHUB ™

Compaq has reported a buffer overflow in the Tru64 C library. The condition is related to the handling of the LANG and LOCPATH environment variables. The overflow may be triggered by values of LOCPATH and LANG that are of excessive length. The most likely vector of attack for an attacker would be through local, setuid/setgid applications. Successful exploitation could yield elevated privileges for the attacker. This vulnerability may also be remotely exploitable through the telnet service. This has not yet been confirmed.

Compaq has reported a buffer overflow in the Tru64 C library. The condition is related to the handling of the LANG and LOCPATH environment variables. The overflow may be triggered by values of LOCPATH and LANG that are of excessive length. The most likely vector of attack for an attacker would be through local, setuid/setgid applications. Successful exploitation could yield elevated privileges for the attacker. This vulnerability may also be remotely exploitable through the telnet service. This has not yet been confirmed.