The Xsun server for Sun Solaris 2.6 through 9, when running in Direct Graphics Access (DGA) mode, allows local users to cause a denial of service (Xsun crash) or to create or overwrite arbitrary files on the system, probably via a symlink attack on temporary server files.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Solaris | Sun | 2.6 (including) | 2.6 (including) |
Solaris | Sun | 7.0 (including) | 7.0 (including) |
Solaris | Sun | 8.0 (including) | 8.0 (including) |
Solaris | Sun | 9.0 (including) | 9.0 (including) |
Sunos | Sun | - (including) | - (including) |
Sunos | Sun | 5.7 (including) | 5.7 (including) |
Sunos | Sun | 5.8 (including) | 5.8 (including) |