Multiple buffer overflows in the (1) dbm_open function, as used in ndbm and dbm, and the (2) dbminit function in Solaris 2.6 through 9 allow local users to gain root privileges via long arguments to Xsun or other programs that use these functions.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Solaris | Sun | 2.6 (including) | 2.6 (including) |
| Solaris | Sun | 7.0 (including) | 7.0 (including) |
| Solaris | Sun | 8.0 (including) | 8.0 (including) |
| Solaris | Sun | 9.0 (including) | 9.0 (including) |
| Sunos | Sun | - (including) | - (including) |
| Sunos | Sun | 5.7 (including) | 5.7 (including) |
| Sunos | Sun | 5.8 (including) | 5.8 (including) |
References
- http://secunia.com/advisories/9088/
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-55420-1
- http://www.ciac.org/ciac/bulletins/n-108.shtml
- http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html
- http://www.securityfocus.com/bid/64758
- http://www.securityfocus.com/bid/7991
- https://exchange.xforce.ibmcloud.com/vulnerabilities/12379
- http://secunia.com/advisories/9088/
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-55420-1
- http://www.ciac.org/ciac/bulletins/n-108.shtml
- http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html
- http://www.securityfocus.com/bid/64758
- http://www.securityfocus.com/bid/7991
- https://exchange.xforce.ibmcloud.com/vulnerabilities/12379