Solaris Xsun Buffer Overrun Vulnerability

A buffer overrun vulnerability exists in the Xsun X11 server, as shipped as part of Solaris 7 and 8 from Sun Microsystems. By supplying a long argument to the -dev option (normally used to set the output device), it is possible to execute arbitrary code with setgid root permissions. This can be further leveraged to gain root privileges, resulting in machine compromise.


 

Privacy Statement
Copyright 2010, SecurityFocus