Published: 31/12/2001 Updated: 30/10/2018

CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9

VMScore: 730

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Buffer overflow in the LDAP naming services library (libsldap) in Sun Solaris 8 allows local users to execute arbitrary code via a long LDAP_OPTIONS environment variable to a privileged program that uses libsldap.

Vulnerable Product	Search on Vulmon	Subscribe to Product
sun sunos 5.8
sun solaris 8.0

source: wwwsecurityfocuscom/bid/2931/info Solaris 8 ships with a shared library that implements LDAP functionality called 'libsldap' This library is linked to by a number of system utilities, many of them installed setuid or setgid Libsldap contains a buffer overflow vulnerability in it's handling of the 'LDAP_OPTIONS' environment va ...

source: wwwsecurityfocuscom/bid/2931/info Solaris 8 ships with a shared library that implements LDAP functionality called 'libsldap' This library is linked to by a number of system utilities, many of them installed setuid or setgid Libsldap contains a buffer overflow vulnerability in it's handling of the 'LDAP_OPTIONS' environment vari ...

CWE-119 http://seclists.org/bugtraq/2001/Jun/0365.html http://seclists.org/bugtraq/2001/Jul/0077.html http://seclists.org/bugtraq/2001/Jul/0091.html http://www.securiteam.com/unixfocus/5IP0O2A4KS.html http://www.securityfocus.com/bid/2931 https://nvd.nist.gov https://www.exploit-db.com/exploits/20970/

CVE-2001-1582

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect