[20185] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[LSD] Solaris kcsSUNWIOsolf.so and dtsession vulnerabilities

daemon@ATHENA.MIT.EDU (LSD)
Fri Apr 13 02:04:37 2001

MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Message-ID:  <Pine.SGI.4.21.0104112019040.2655-100000@ix.put.poznan.pl>
Date:         Wed, 11 Apr 2001 20:26:40 -0700
Reply-To: LSD <contact@LSD-PL.NET>
From: LSD <contact@LSD-PL.NET>
To: BUGTRAQ@SECURITYFOCUS.COM

There exists a buffer overflow vulnerability in the way the
KCMS_PROFILES environment variable is handled by the kcsSUNWIOsolf.so
library. When appropriately exploited through a kcms_configure program
it can lead to a local root compromise on a vulnerable system.

There also exists a buffer overflow vulnerability in a dtsession
program in a way it handles LANG environment variable.

Proof of concept codes for both vulnerabilites are avaialble
at our website at the following addresses:

 http://lsd-pl.net/files/get?SOLARIS/solsparc_kcssunwiosolf
 http://lsd-pl.net/files/get?SOLARIS/solx86_kcssunwiosolf
 http://lsd-pl.net/files/get?SOLARIS/solx86_dtsession

Regards,

lsd ppl
http://lsd-pl.net/


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[20185] in bugtraq

[LSD] Solaris kcsSUNWIOsolf.so and dtsession vulnerabilities

daemon@ATHENA.MIT.EDU (LSD)Fri Apr 13 02:04:37 2001

daemon@ATHENA.MIT.EDU (LSD)
Fri Apr 13 02:04:37 2001