Oval Definition:oval:org.mitre.oval:def:10
Revision Date:2002-09-17Version:16
Title:Heap Overflow in Solaris 8 xlock
Description:Heap overflow in xlock in Solaris 2.6 through 8 allows local users to gain root privileges via a long (1) XFILESEARCHPATH or (2) XUSERFILESEARCHPATH environmental variable.
Family:unixClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2001-0652
Platform(s):Sun Solaris 8
Product(s):xlock
Definition Synopsis
  • Software section
  • Solaris 8 Installed
  • AND File xlock exists
  • AND NOT Patch 108652-38 or later installed
  • AND Configuration section
  • File xlock SUID and executable
  • File xlock SUID and executable
  • AND File xlock SUID and executable
    • BACK