• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Sun Solaris Runtime Linker LD_AUDIT Privilege Escalation Vulnerability

The Sun Solaris runtime linker is susceptible to a privilege escalation vulnerability.

Runtime linkers in most operating systems are designed to ignore LD_* environment variables when executing setuid or setgid binaries. The manual page describing 'ld.so' for Sun Solaris also states that certain precautions are taken when setuid or setgid binaries are executed. Reportedly, these precautions are not properly followed when LD_AUDIT is used.

Exploiting this vulnerability allows local attackers to gain superuser privileges on affected computers.