|
Bugtraq
mailing list archives
Re: eSecurityOnline Security Advisory 3761 - Sun Solaris lbxproxy dis play name buffer overflow vulnerability
From: "Charles M. Richmond" <cmr () iisc com>
Date: Wed, 01 May 2002 08:34:13 -0400
It looks like this buffer overflow is also in the Sparc versions.
Solaris 8 - Patch-ID# 108652-51
Solaris 8x86 - Patch-ID# 108653-41
There are also Solaris 7 patches available.
107654-09 (x86 107655-09) which in '-08' addressed a buffer
overflow issue that affected suid/sgid X programs.
eSO Security Advisory: 3761
Discovery Date: July 5, 2001
ID: eSO:3761
Title: Sun Solaris lbxproxy display name buffer
overflow vulnerability
Impact: Local attackers can gain group root privileges
Affected Technology: Sun Solaris 8 x86
Vendor Status: Vendor notified
Discovered By: Kevin Kotas of the eSecurityOnline Research
and Development Team
CVE Reference: CAN-2002-0090
Advisory Location:
http://www.eSecurityOnline.com/advisories/eSO3761.asp
***********************************************************************
* Charles Richmond Integrated International Systems Corporation *
* cmr () iisc com cmr () acm org cmr () shore net http://www.iisc.com *
* UNIX Internals, I18N, L10N, X, Realtime Imaging, and Custom S/W *
* 131 Bishop's Forest Drive , Waltham , Ma. USA 02452 *
* (781) 647 2269 FAX (781) 647 3665 Cellular (781) 389 9777 *
***********************************************************************
 By Date 
By Thread
Current thread:
- Re: eSecurityOnline Security Advisory 3761 - Sun Solaris lbxproxy dis play name buffer overflow vulnerability Charles M. Richmond (May 01)
| 
Intro
