Published: 29/05/2002 Updated: 30/10/2018

CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10

VMScore: 1000

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Heap-based buffer overflow in cfsd_calloc function of Solaris cachefsd allows remote malicious users to execute arbitrary code via a request with a long directory and cache name.

Vulnerable Product	Search on Vulmon	Subscribe to Product
sun solaris 8.0
sun solaris 7.0
sun solaris 2.5.1
sun solaris 2.6
sun sunos -

This advisory describes a vulnerability that affects Cisco products and applications that are installed on the Solaris operating system, and is based on the vulnerability of an common service within the Solaris operating system, not due to a defect of the Cisco product or application A vulnerability in the "cachefs" program was discovered ...

source: wwwsecurityfocuscom/bid/4674/info A remotely exploitable buffer overflow condition has been reported in cachefsd The overflow occurs in the heap and is reportedly exploitable as valid malloc() chunk structures are overwritten Successful attacks may result in remote attackers gaining root access on the affected system /*## cop ...

NVD-CWE-Other http://archives.neohapsis.com/archives/bugtraq/2002-05/0026.html http://www.cert.org/advisories/CA-2002-11.html http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F44309 http://www.kb.cert.org/vuls/id/635811 http://www.securityfocus.com/bid/4674 http://www.iss.net/security_center/static/8999.php https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A31 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A124 https://nvd.nist.gov https://www.exploit-db.com/exploits/21437/http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20020724-solaris-cachefs https://www.kb.cert.org/vuls/id/635811

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2002-0033

Vulnerability Summary

Vendor Advisories

Exploits

References

Vulmon Search

About

Products

Connect