Solaris 2.5/2.6/7.0/8 kcms_configure KCMS_PROFILES Buffer Overflow Vulnerability (2)

No description provided by source. source: http://www.securityfocus.com/bid/2605/info The Kodak Color Management System configuration tool 'kcmsconfigure' is vulnerable to a buffer overflow that could yield root privileges to an attacker. The bug exists in the KCMSPROFILES environment variable...

CVE-2001-0595

The CVE-2001-0595 issue affects Sun’s KCMS component on Solaris 7/8, where a buffer overflow in the kcsSUNWIOsolf.so library allows a local user to execute arbitrary commands via the KCMS_PROFILES environment variable (demonstrated by kcms_configure). OpenVAS entries describe the KCMS Profile Ser...