Published: 30/10/2001 Updated: 30/10/2018

CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9

VMScore: 730

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Heap overflow in xlock in Solaris 2.6 through 8 allows local users to gain root privileges via a long (1) XFILESEARCHPATH or (2) XUSERFILESEARCHPATH environmental variable.

Vulnerable Product	Search on Vulmon	Subscribe to Product
sun sunos

source: wwwsecurityfocuscom/bid/3160/info Xlock is a utility for locking X-windows displays It is installed setuid root because it uses the user's password to authorize access to the display when it is locked The version of xlock that ships with Solaris as part of OpenWindows contains a heap overflow in it's handling of an environment ...

source: wwwsecurityfocuscom/bid/3160/info Xlock is a utility for locking X-windows displays It is installed setuid root because it uses the user's password to authorize access to the display when it is locked The version of xlock that ships with Solaris as part of OpenWindows contains a heap overflow in it's handling of an environmen ...

NVD-CWE-Other http://www.securityfocus.com/bid/3160 http://marc.info/?l=bugtraq&m=99745571104126&w=2 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A131 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10 https://exchange.xforce.ibmcloud.com/vulnerabilities/6967 https://nvd.nist.gov https://www.exploit-db.com/exploits/21058/

CVE-2001-0652

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect