• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Sun Solaris 'snoop(1M)' Utility Multiple Remote Vulnerabilities

The Solaris 'snoop(1M)' network utility is prone to multiple remote vulnerabilities:

- Multiple stack-based buffer-overflow vulnerabilities
- Multiple format-string vulnerabilities

Exploiting these issues will allow attackers to execute arbitrary code with the privileges of the 'nobody' user. Attackers may also exploit these issues to capture network traffic that is visible to the network interface. Since the 'snoop(1M)' utility handles segmentation faults, repeated exploit attempts are also possible.

These issues affect the following versions for SPARC and x86 platforms:

Solaris 10
Solaris 9
Solaris 8
OpenSolaris builds snv_01 to snv_95