• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Sun Solaris Volume Manager Local Buffer Overflow Vulnerability

Solaris is the freely available Unix operating system distributed by Sun Microsystems.

Under some circumstances, a buffer overflow may occur in the Solaris Volume Manager (vold). A local user may be able to take advantage of this buffer overflow, exploiting it to overwrite stack memory, and potentially execute arbitrary code. Any code executed via this vulnerability would be executed with the privileges of the volume management daemon, typically run as root.