• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

CDE LibDTHelp LOGNAME Environment Variable Local Buffer Overflow Vulnerability

Solution:
Other vendors have released fixes to address the issue described in BID 8973. It is not known whether these fixes also address the issue described in this BID.

Sun has released Alert ID 57414 with patches to address the issue described in BID 8973, these patches also address this issue.


Sun Solaris 7.0_x86

• Sun 107179-03
  http://sunsolve.sun.com/pub-cgi/findPatch.pl?patchId=107179&rev=03

Sun Solaris 9_x86

• Sun 116309-01
  http://sunsolve.sun.com/pub-cgi/findPatch.pl?patchId=116309&rev=01

Sun Solaris 7.0

• Sun 107178-03
  http://sunsolve.sun.com/pub-cgi/findPatch.pl?patchId=107178&rev=03

Sun Solaris 8_x86

• Sun 108950-08
  http://sunsolve.sun.com/pub-cgi/findPatch.pl?patchId=108950&rev=08

Sun Solaris 8

• Sun 108949-08
  http://sunsolve.sun.com/pub-cgi/findPatch.pl?patchId=108949&rev=08

Sun Solaris 9

• Sun 116308-01
  http://sunsolve.sun.com/pub-cgi/findPatch.pl?patchId=116308&rev=01