Published: 27/08/2003 Updated: 30/10/2018

CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9

VMScore: 730

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Stack-based buffer overflow in the runtime linker, ld.so.1, on Solaris 2.6 through 9 allows local users to gain root privileges via a long LD_PRELOAD environment variable.

Vulnerable Product	Search on Vulmon	Subscribe to Product
sun solaris 8.0
sun solaris 9.0
sun solaris 7.0
sun sunos 5.8
sun solaris 2.6
sun sunos -
sun sunos 5.7

/* ############################# * ## ldso1 exploit (SPARC) ## * ############################# * [coded by: osker178 (bjr213 psuedu)] * * Alright, so this exploits a fairly standard buffer * overflow in the default Solaris runtime linker (ldso1) * (discovery by Jouko Pynnonen) * Only real deviation here from the standard overflow * an ...

/* * $Id: raptor_ldpreloadc,v 11 2004/12/04 14:44:38 raptor Exp $ * * raptor_ldpreloadc - ldso1 local, Solaris/SPARC 26/7/8/9 * Copyright (c) 2003-2004 Marco Ivaldi <raptor@0xdeadbeefinfo> * * Stack-based buffer overflow in the runtime linker, ldso1, on Solaris 26 * through 9 allows local users to gain root privileges via a l ...

NVD-CWE-Other http://www.idefense.com/advisory/07.29.03.txt http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/55680 http://www.osvdb.org/8722 http://marc.info/?l=bugtraq&m=105951760418667&w=2 https://exchange.xforce.ibmcloud.com/vulnerabilities/12755 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3601 https://nvd.nist.gov https://www.exploit-db.com/exploits/114/

CVE-2003-0609

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect