The Xsun server for Sun Solaris 2.6 through 9, when running in Direct Graphics Access (DGA) mode, allows local users to cause a denial of service (Xsun crash) or to create or overwrite arbitrary files on the system, probably via a symlink attack on temporary server files.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Sunos | Sun | 5.7 | 5.7 |
Sunos | Sun | 5.8 | 5.8 |
Solaris | Sun | 9.0 | 9.0 |
Solaris | Sun | 7.0 | 7.0 |
Solaris | Sun | 9.0 | 9.0 |
Solaris | Sun | 2.6 | 2.6 |
Solaris | Sun | 8.0 | 8.0 |
Sunos | Sun | - | - |