Stack-based Buffer Overflow in GNU Sharutils Affects Local Users
CVE-2004-1772

Currently unrated

Key Information:

Vendor: Gnu
Status: Sharutils
Vendor: CVE Published:; 31 December 2004

Summary

A stack-based buffer overflow vulnerability in GNU Sharutils version 4.2.1 allows local users to exploit the application by supplying overly long command line arguments to the '-o' option, potentially leading to arbitrary code execution. This flaw places affected systems at risk, enabling unauthorized actions to be carried out by malicious actors leveraging this exploit.

References

http://marc.info/?l=bugtraq&m=108137386310299&w=2

vendor-advisoryx_refsource_OPENPKG

https://bugzilla.fedora.us/show_bug.cgi?id=2155

vendor-advisoryx_refsource_FEDORA

https://oval.cisecurity.org/repository/search/definition/...

vdb-entrysignaturex_refsource_OVAL

Timeline

Vulnerability Reserved
Mar 29, 2005
Vulnerability published
Dec 31, 2004