Bugtraq mailing list archives

Re: eSecurityOnline Security Advisory 3761 - Sun Solaris lbxproxy dis play name buffer overflow vulnerability

From: "Charles M. Richmond" <cmr () iisc com>
Date: Wed, 01 May 2002 08:34:13 -0400


It looks like this buffer overflow is also in the Sparc versions.
Solaris 8 - Patch-ID# 108652-51
Solaris 8x86 - Patch-ID# 108653-41

There are also Solaris 7 patches available.
107654-09 (x86 107655-09) which in '-08' addressed a buffer
overflow issue that affected suid/sgid X programs.

eSO Security Advisory:  3761  
Discovery Date:         July 5, 2001 
ID:                     eSO:3761
Title:                  Sun Solaris lbxproxy display name buffer
                        overflow vulnerability 
Impact:                 Local attackers can gain group root privileges 
Affected Technology:    Sun Solaris 8 x86 
Vendor Status:          Vendor notified
Discovered By:          Kevin Kotas of the eSecurityOnline Research
                        and Development Team 
CVE Reference:          CAN-2002-0090 

Advisory Location:
http://www.eSecurityOnline.com/advisories/eSO3761.asp


***********************************************************************
*  Charles Richmond    Integrated International Systems Corporation   *
*  cmr () iisc com   cmr () acm org   cmr () shore net   http://www.iisc.com   *
*  UNIX Internals, I18N, L10N, X, Realtime Imaging, and  Custom S/W   *
*         131 Bishop's Forest Drive , Waltham , Ma. USA 02452         *
*  (781) 647 2269   FAX (781) 647 3665   Cellular (781) 389 9777      *
***********************************************************************

Current thread:

Re: eSecurityOnline Security Advisory 3761 - Sun Solaris lbxproxy dis play name buffer overflow vulnerability Charles M. Richmond (May 01)