The OpenNET Project
 


[LSD] Solaris kcsSUNWIOsolf.so and dtsession vulnerabilities


Date: Wed, 11 Apr 2001 20:26:40 -0700
From: LSD <[email protected]>
To: [email protected]
Subject: [LSD] Solaris kcsSUNWIOsolf.so and dtsession vulnerabilities

There exists a buffer overflow vulnerability in the way the
KCMS_PROFILES environment variable is handled by the kcsSUNWIOsolf.so
library. When appropriately exploited through the kcms_configure program,
it can lead to a local root compromise on a vulnerable system.

There also exists a buffer overflow vulnerability in the dtsession
program in the way it handles the LANG environment variable.

Proof of concept code for both vulnerabilities is available
on our website at the following addresses:

 http://lsd-pl.net/files/get?SOLARIS/solsparc_kcssunwiosolf
 http://lsd-pl.net/files/get?SOLARIS/solx86_kcssunwiosolf
 http://lsd-pl.net/files/get?SOLARIS/solx86_dtsession

Regards,

lsd ppl
http://lsd-pl.net/
