It looks like this buffer overflow is also in the Sparc versions. Solaris 8 - Patch-ID# 108652-51 Solaris 8x86 - Patch-ID# 108653-41 There are also Solaris 7 patches available. 107654-09 (x86 107655-09) which in '-08' addressed a buffer overflow issue that affected suid/sgid X programs. > eSO Security Advisory: 3761 > Discovery Date: July 5, 2001 > ID: eSO:3761 > Title: Sun Solaris lbxproxy display name buffer > overflow vulnerability > Impact: Local attackers can gain group root privileges > Affected Technology: Sun Solaris 8 x86 > Vendor Status: Vendor notified > Discovered By: Kevin Kotas of the eSecurityOnline Research > and Development Team > CVE Reference: CAN-2002-0090 > > Advisory Location: > http://www.eSecurityOnline.com/advisories/eSO3761.asp *********************************************************************** * Charles Richmond Integrated International Systems Corporation * * cmrat_private cmrat_private cmrat_private http://www.iisc.com * * UNIX Internals, I18N, L10N, X, Realtime Imaging, and Custom S/W * * 131 Bishop's Forest Drive , Waltham , Ma. USA 02452 * * (781) 647 2269 FAX (781) 647 3665 Cellular (781) 389 9777 * ***********************************************************************
This archive was generated by hypermail 2b30 : Wed May 01 2002 - 08:23:31 PDT