Michael Ligh and Greg Sinclair have reported some vulnerabilities in Symark PowerBroker, which can be exploited by malicious, local users to gain escalated privileges.
The vulnerabilities are caused by boundary errors in the pbrun, pbsh, and pbksh SUID binaries. Executing one of the vulnerable binaries with an overly long "argv" string causes a stack-based buffer overflow.
The vulnerabilities are reported in versions 2.8 through 5.0.1.
Solution: Apply vendor service packs (see vendor advisory for details).
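To find hosts that still need the service packs, the following added example (not part of the advisory or of the vendor's tooling) lists every copy of the three named binaries under the directories you pass and marks which ones carry the setuid bit. The function name `pb_suid_audit` and the output format are assumptions of this example.

```shell
#!/bin/sh
# Added example: inventory the PowerBroker binaries named in the advisory
# (pbrun, pbsh, pbksh) and report which copies are setuid.
# Usage: pb_suid_audit DIR [DIR...]
# Output: one line per file found, "SETUID <path>" or "plain  <path>".
pb_suid_audit() {
    for dir in "$@"; do
        # Skip arguments that are not directories instead of failing.
        [ -d "$dir" ] || continue
        # Match only the three binary names from the advisory; unreadable
        # subdirectories are ignored rather than aborting the scan.
        find "$dir" -type f \
            \( -name pbrun -o -name pbsh -o -name pbksh \) 2>/dev/null |
        while IFS= read -r f; do
            if [ -u "$f" ]; then
                # Setuid copy: a local user running it executes with the
                # owner's privileges, so this is the exposed case.
                printf 'SETUID %s\n' "$f"
            else
                # No setuid bit: the overflow gives no privilege gain here.
                printf 'plain  %s\n' "$f"
            fi
        done
    done
}

# When run as a script with directory arguments, perform the scan.
if [ "$#" -gt 0 ]; then
    pb_suid_audit "$@"
fi
```

Each SETUID line is a copy whose version should be compared against the affected range (2.8 through 5.0.1) using the vendor's documentation.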
Provided and/or discovered by: Michael Ligh of MNIN.org and Greg Sinclair of NNL-Labs.
Original Advisory: Symark:
Michael Ligh and Greg Sinclair: