('binary' encoding is not supported, stored as-is) In-Reply-To: <200205011234.IAA10988at_private> The patch descriptions provided at sunsolve.sun.com only describe the problem as "lbxproxy contains a buffer overflow", and the dates do not appear to closely match the discovery date quoted by eSecurityOnline. Is there any stronger evidence that these patches fix this problem, and not some unrelated issue with lbxproxy? Has anyone been able to reproduce the original issue, as well as verifying that the patch fixes it? - rogerskat_private >From: "Charles M. Richmond" <cmrat_private> > > >It looks like this buffer overflow is also in the Sparc versions. >Solaris 8 - Patch-ID# 108652-51 >Solaris 8x86 - Patch-ID# 108653-41 > >There are also Solaris 7 patches available. >107654-09 (x86 107655-09) which in '-08' addressed a buffer >overflow issue that affected suid/sgid X programs. > > >> eSO Security Advisory: 3761 >> Discovery Date: July 5, 2001 >> ID: eSO:3761 >> Title: Sun Solaris lbxproxy display name buffer >> overflow vulnerability >> Impact: Local attackers can gain group root privileges >> Affected Technology: Sun Solaris 8 x86 >> Vendor Status: Vendor notified >> Discovered By: Kevin Kotas of the eSecurityOnline Research >> and Development Team >> CVE Reference: CAN-2002-0090 >> >> Advisory Location: >> http://www.eSecurityOnline.com/advisories/eSO3761.asp > >*********************************************************** ************ >* Charles Richmond Integrated International Systems Corporation * >* cmrat_private cmrat_private cmrat_private http://www.iisc.com * >* UNIX Internals, I18N, L10N, X, Realtime Imaging, and Custom S/W * >* 131 Bishop's Forest Drive , Waltham , Ma. USA 02452 * >* (781) 647 2269 FAX (781) 647 3665 Cellular (781) 389 9777 * >*********************************************************** ************ >
This archive was generated by hypermail 2b30 : Wed May 01 2002 - 09:58:47 PDT