Bugtraq mailing list archives
Re: eSecurityOnline Security Advisory 3761 - Sun Solaris lbxproxy dis play name buffer overflow vulnerability
From: <rogersk () hushmail com>
Date: 1 May 2002 16:34:59 -0000
In-Reply-To: <200205011234.IAA10988 () koibito iisc com> The patch descriptions provided at sunsolve.sun.com only describe the problem as "lbxproxy contains a buffer overflow", and the dates do not appear to closely match the discovery date quoted by eSecurityOnline. Is there any stronger evidence that these patches fix this problem, and not some unrelated issue with lbxproxy? Has anyone been able to reproduce the original issue, as well as verifying that the patch fixes it? - rogersk () hushmail com
From: "Charles M. Richmond" <cmr () iisc com> It looks like this buffer overflow is also in the Sparc
versions.
Solaris 8 - Patch-ID# 108652-51 Solaris 8x86 - Patch-ID# 108653-41 There are also Solaris 7 patches available. 107654-09 (x86 107655-09) which in '-08' addressed a buffer overflow issue that affected suid/sgid X programs.eSO Security Advisory: 3761 Discovery Date: July 5, 2001 ID: eSO:3761 Title: Sun Solaris lbxproxy display
name buffer
overflow vulnerability Impact: Local attackers can gain group
root privileges
Affected Technology: Sun Solaris 8 x86 Vendor Status: Vendor notified Discovered By: Kevin Kotas of the
eSecurityOnline Research
and Development Team CVE Reference: CAN-2002-0090 Advisory Location: http://www.eSecurityOnline.com/advisories/eSO3761.asp***********************************************************
************
* Charles Richmond Integrated International Systems
Corporation *
* cmr () iisc com cmr () acm org cmr () shore net
http://www.iisc.com *
* UNIX Internals, I18N, L10N, X, Realtime Imaging, and
Custom S/W *
* 131 Bishop's Forest Drive , Waltham , Ma. USA
02452 *
* (781) 647 2269 FAX (781) 647 3665 Cellular (781)
389 9777 *
***********************************************************
************
Current thread:
- Re: eSecurityOnline Security Advisory 3761 - Sun Solaris lbxproxy dis play name buffer overflow vulnerability rogersk (May 01)
- <Possible follow-ups>
- Re: eSecurityOnline Security Advisory 3761 - Sun Solaris lbxproxy dis play name buffer overflow vulnerability Ken . Williams (May 01)