Lucene search
MitreCVELIST:CVE-2005-2072HistoryJun 29, 2005 - 4:00 a.m.
CVE-2005-2072
2005-06-2904:00:00
mitre
www.cve.org
7
The runtime linker (ld.so) in Solaris 8, 9, and 10 trusts the LD_AUDIT environment variable in setuid or setgid programs, which allows local users to gain privileges by (1) modifying LD_AUDIT to reference malicious code and possibly (2) using a long value for LD_AUDIT.
References
lists.grok.org.uk/pipermail/full-disclosure/2005-June/034730.html
lists.grok.org.uk/pipermail/full-disclosure/2005-June/034731.html
lists.grok.org.uk/pipermail/full-disclosure/2005-June/034738.html
secunia.com/advisories/15841
securitytracker.com/id?1014537
sunsolve.sun.com/search/document.do?assetkey=1-26-101794-1
www.opensolaris.org/jive/thread.jspa?messageID=3497
www.securityfocus.com/bid/14074
www.vupen.com/english/advisories/2005/0908
Related
nessus
nessus
Solaris 9 (x86) : 113986-29
2004-07-12 00:00:00
Solaris 9 (sparc) : 112963-35
2004-07-12 00:00:00
Solaris 8 (sparc) : 109147-44
2004-07-12 00:00:00
exploitdb
exploitdb
Solaris 9/10 - 'ld.so' Local Privilege Escalation (1)
2005-06-28 00:00:00
Solaris 9/10 - 'ld.so' Local Privilege Escalation (2)
2005-06-28 00:00:00
nvd
nvd
CVE-2005-2072
2005-06-29 04:00:00
cve
cve
CVE-2005-2072
2005-06-29 04:00:00