Vulnerabilities > CVE-2002-0089 - Local Buffer Overflow vulnerability in Solaris admintool
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Buffer overflow in admintool in Solaris 2.5 through 8 allows local users to gain root privileges via long arguments to (1) the -d command line option, or (2) the PRODVERS argument in the .cdtoc file.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
OS | 6 |
Oval
accepted 2007-02-20T13:40:52.089-05:00 class vulnerability contributors name David Proulx organization The MITRE Corporation name Matthew Wojcik organization The MITRE Corporation name Matthew Wojcik organization The MITRE Corporation name Matthew Wojcik organization The MITRE Corporation name Matthew Wojcik organization The MITRE Corporation
description Buffer overflow in admintool in Solaris 2.5 through 8 allows local users to gain root privileges via long arguments to (1) the -d command line option, or (2) the PRODVERS argument in the .cdtoc file. family unix id oval:org.mitre.oval:def:67 status accepted submitted 2002-09-17T12:00:00.000-04:00 title Solaris 8 admintool Local Buffer Overflow version 35 accepted 2007-02-20T13:40:52.685-05:00 class vulnerability contributors name David Proulx organization The MITRE Corporation name Matthew Wojcik organization The MITRE Corporation name Matthew Wojcik organization The MITRE Corporation name Matthew Wojcik organization The MITRE Corporation name Matthew Wojcik organization The MITRE Corporation
description Buffer overflow in admintool in Solaris 2.5 through 8 allows local users to gain root privileges via long arguments to (1) the -d command line option, or (2) the PRODVERS argument in the .cdtoc file. family unix id oval:org.mitre.oval:def:68 status accepted submitted 2002-10-17T12:00:00.000-04:00 title Solaris 7 admintool Local Buffer Overflow version 35
References
- http://online.securityfocus.com/archive/1/270122
- http://www.esecurityonline.com/advisories/eSO2397.asp
- http://www.iss.net/security_center/static/8954.php
- http://www.iss.net/security_center/static/8955.php
- http://www.securityfocus.com/bid/4624
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A67
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A68