Vulnerabilities > CVE-2002-1296 - Unspecified vulnerability in SUN Solaris and Sunos
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Directory traversal vulnerability in priocntl system call in Solaris does allows local users to execute arbitrary code via ".." sequences in the pc_clname field of a pcinfo_t structure, which cause priocntl to load a malicious kernel module.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| OS | 7 |
Oval
| accepted | 2005-03-09T07:56:00.000-04:00 | ||||
| class | vulnerability | ||||
| contributors |
| ||||
| description | Directory traversal vulnerability in priocntl system call in Solaris does allows local users to execute arbitrary code via ".." sequences in the pc_clname field of a pcinfo_t structure, which cause priocntl to load a malicious kernel module. | ||||
| family | unix | ||||
| id | oval:org.mitre.oval:def:3637 | ||||
| status | accepted | ||||
| submitted | 2005-02-01T12:00:00.000-04:00 | ||||
| title | priocntl Directory Traversal Vulnerability | ||||
| version | 35 |
References
- http://marc.info/?l=bugtraq&m=103842619803173&w=2
- http://marc.info/?l=bugtraq&m=103842619803173&w=2
- http://sunsolve.Sun.COM/pub-cgi/retrieve.pl?doc=fsalert/49131
- http://sunsolve.Sun.COM/pub-cgi/retrieve.pl?doc=fsalert/49131
- http://www.iss.net/security_center/static/10717.php
- http://www.iss.net/security_center/static/10717.php
- http://www.kb.cert.org/vuls/id/683673
- http://www.kb.cert.org/vuls/id/683673
- http://www.securityfocus.com/bid/6262
- http://www.securityfocus.com/bid/6262
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3637
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3637