CVE-1999-1158

Published: 13/05/1997 Updated: 30/10/2018
CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9
VMScore: 730
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Summary

Buffer overflow in (1) pluggable authentication module (PAM) on Solaris 2.5.1 and 2.5 and (2) unix_scheme in Solaris 2.4 and 2.3 allows local users to gain root privileges via programs that use these modules such as passwd, yppasswd, and nispasswd.

Vulnerable Product

sun sunos 5.5

sun sunos 5.3

sun sunos 5.4

sun sunos 5.5.1

Exploits

/* source: www.securityfocus.com/bid/201/info
There is a buffer overflow condition on arguments in Pluggable Authentication Modules (PAM) and unix_scheme (5.4 and 5.3). Therefore, an unauthorized user could exploit this vulnerability via the passwd program to gain root access. Under SunOS 5.5.1, 5.5.1_x86, 5.5, 5.5_x86, yppasswd and nispass ...
---------------------------- file newpass.c -------------------------------
#include <stdio.h>
#include <syslog.h>

#define hidden_passwd "/bin/hpasswd" /*change here */
#define MAX_LENGTH 32

void main(int argc, char *argv[])
{
    int i;
    char *args[10];
    if(argc < 10) {
        args[0]=hidden_passwd; ...