Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:19587
HistoryApr 08, 2008 - 12:00 a.m.

openMosix userspace library stack-based buffer overflow

2008-04-0800:00:00
vulners.com
7
JSON

title: openMosix userspace library stack-based buffer overflow
Discovered by: Jose Carlos Norte

There are a lot of buffer overflows present in the library of the openMosix project, documented at:

http://www.openmosixview.com/docs/openMosixAPI.html

The vulnerable code is in:

http://openmosix.cvs.sourceforge.net/openmosix/userspace-tools/moslib/libmosix.c?revision=1.6&view=markup

134 int64_t
135 msx_readnode(int node, const char *item)
136 {
137 char fn[40];
138 int64_t val;
139
140 if(!node && !(node = msx_read("/proc/hpc/admin/mospe")))
141 return(-1);
142 sprintf(fn, "/proc/hpc/nodes/%d/%s", node, item);

in line 142 there is no check against overflow in "item" argument.

Every applications using this library, can be vulnerable to attacks exploiting this flaw.

JSON