Vulnerabilities > CVE-2001-0594 - Buffer Overflow vulnerability in SUN Solaris and Sunos

047910
CVSS 4.6 - MEDIUM
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
local
low complexity
sun
exploit available
NVD
Published: 2001-08-02
Updated: 2018-10-30

Summary

kcms_configure as included with Solaris 7 and 8 allows a local attacker to gain additional privileges via a buffer overflow in a command line argument.

Vulnerable Configurations

Part Description Count
OS
Sun
4

Exploit-Db

  • descriptionSolaris 7/8 kcms_configure Command-Line Buffer Overflow Vulnerability (1). CVE-2001-0594 . Local exploit for solaris platform
    idEDB-ID:20740
    last seen2016-02-02
    modified2001-04-09
    published2001-04-09
    reporterRiley Hassell
    sourcehttps://www.exploit-db.com/download/20740/
    titleSolaris 7/8 kcms_configure Command-Line Buffer Overflow Vulnerability 1
  • descriptionSolaris 7/8 kcms_configure Command-Line Buffer Overflow Vulnerability (2). CVE-2001-0594 . Local exploit for solaris platform
    idEDB-ID:20741
    last seen2016-02-02
    modified2001-04-09
    published2001-04-09
    reporterAdam Slattery
    sourcehttps://www.exploit-db.com/download/20741/
    titleSolaris 7/8 kcms_configure Command-Line Buffer Overflow Vulnerability 2

Oval

  • accepted2016-02-08T10:00:00.000-05:00
    classvulnerability
    contributors
    nameDavid Proulx
    organizationThe MITRE Corporation
    descriptionkcms_configure as included with Solaris 7 and 8 allows a local attacker to gain additional privileges via a buffer overflow in a command line argument.
    familyunix
    idoval:org.mitre.oval:def:65
    statusaccepted
    submitted2002-09-17T12:00:00.000-04:00
    titleSolaris 7 kcms_configure Command-Line Buffer Overflow
    version35
  • accepted2016-02-08T10:00:00.000-05:00
    classvulnerability
    contributors
    nameDavid Proulx
    organizationThe MITRE Corporation
    descriptionkcms_configure as included with Solaris 7 and 8 allows a local attacker to gain additional privileges via a buffer overflow in a command line argument.
    familyunix
    idoval:org.mitre.oval:def:7
    statusaccepted
    submitted2002-09-17T12:00:00.000-04:00
    titleSolaris 8 kcms_configure Command-Line Buffer Overflow
    version35

References