Hacker Newsnew | past | comments | ask | show | jobs | submitlogin
CVE-2025-71263: Unix fourth edition buffer overflow vulnerability (cve.org)
6 points by pseudohadamard 53 days ago | hide | past | favorite | 2 comments


In UNIX Fourth Research Edition (v4), the su command is vulnerable to a buffer overflow due to the 'password' variable having a fixed size of 100 bytes. A local user can exploit this to gain root privileges. It is unlikely that UNIX v4 is running anywhere outside of a very small number of lab environments.

Related: https://www.tomshardware.com/software/linux/unix-v4-recovere...


[dead]


11:25am: Fifty-year-old copy of Unix recovered from old tape backup.

11:27am: First vulnerability found.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: