Vulnerabilities > CVE-2003-0092 - Buffer Overflow vulnerability in SUN Solaris and Sunos
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Heap-based buffer overflow in dtsession for Solaris 2.5.1 through Solaris 9 allows local users to gain root privileges via a long HOME environment variable.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| OS | 5 |
Oval
| accepted | 2005-03-09T07:56:00.000-04:00 | ||||
| class | vulnerability | ||||
| contributors |
| ||||
| description | Heap-based buffer overflow in dtsession for Solaris 2.5.1 through Solaris 9 allows local users to gain root privileges via a long HOME environment variable. | ||||
| family | unix | ||||
| id | oval:org.mitre.oval:def:1905 | ||||
| status | accepted | ||||
| submitted | 2005-02-01T12:00:00.000-04:00 | ||||
| title | dtsession Buffer Overflow via HOME Envvar | ||||
| version | 35 |
References
- http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0163.html
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-52388-1
- http://www.securityfocus.com/archive/1/316948/30/25250/threaded
- http://www.securityfocus.com/bid/7240
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1905