3 matches found
EUVD-1999-0799
Malware in sbrugna...
Solaris kcms_configure vulnerability
Solaris kcmsconfigure vulnerability Discovered and exploited by: Riley Hassell [email protected] Release Date: April 9, 2001 Systems Affected: Solaris 7/8 x86 and sparc Versions prior are also most likely affected Description: It was another long day at eEye where the beer was once again cold but eE...
Solaris 2.5.1 - 'kcms' Local Buffer Overflow (2)
/ source: https://www.securityfocus.com/bid/452/info There is an unchecked sprintf call in the versions of /usr/openwin/bin/kcmsconfigure shipped with solaris 2.5, 2.5.1 and 2.6. Unfortunately, kcmsconfigure is installed setuid root, making it possible for an attacker to overflow the buffer and...