SCO OpenServer 5.0.6 (and possibly earlier versions) ships with several setuid 'bin' executables used for printer administration and related tasks. One of these is 'cancel', which stops queued print requests. 'cancel' contains a confirmed, locally exploitable buffer overflow in its handling of command-line parameters. Successful exploitation can give a local attacker the privileges of user 'bin'.