Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

openMosix userspace library stack-based buffer overflow

From: jose () eyeos org
Date: 6 Apr 2008 16:46:43 -0000

title: openMosix userspace library stack-based buffer overflow
Discovered by: Jose Carlos Norte

There are a lot of buffer overflows present in the library of the openMosix project, documented at: 

http://www.openmosixview.com/docs/openMosixAPI.html

The vulnerable code is in:

http://openmosix.cvs.sourceforge.net/openmosix/userspace-tools/moslib/libmosix.c?revision=1.6&view=markup

134 int64_t
135 msx_readnode(int node, const char *item)
136 {
137 char fn[40];
138 int64_t val;
139
140 if(!node && !(node = msx_read("/proc/hpc/admin/mospe")))
141 return(-1);
142 sprintf(fn, "/proc/hpc/nodes/%d/%s", node, item); 

in line 142 there is no check against overflow in "item" argument.

Every applications using this library, can be vulnerable to attacks exploiting this flaw.
Previous By Date Next
Previous By Thread Next

Current thread: