[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

(Fwd) BoS: CERT Advisory CA-97.10 - Vulnerability in Natural



Hallo!

Diese Mitteilung koennte einige Sys-Admins (Unix) auf der 
Liste interessieren. Sie entstammt der Best-of-Security
Liste. Ich habe nur die ersten Zeilen uebernommen, 
um nicht die Liste vollzumuellen. Auf Wunsch (personal
mail) forwarde ich aber den gesamten Text. 

Gruss

Wolfgang

======= CERT* Advisory CA-97.10 Original issue date: April 24, 1997

Topic: Vulnerability in Natural Language Service
---------------------------------------------------------------------

The CERT Coordination Center has received reports of a buffer overflow
condition that affects some libraries using the Natural Language
Service (NLS) on UNIX systems. By exploiting this vulnerability, any
local user can execute arbitrary programs as a privileged user. There
is a possibility (with some old libraries) that the vulnerability can
be exploited by a remote user.



***INTERNET INTERN - Fachinformationsdienst***
Wolfgang Bleh, mailto:wbleh _at__ tap.de             
http://www.intern.de, Tel.: 06732/960318 


Listeninformationen unter http://www.inetbib.de.