Oval Definition:
oval:org.mitre.oval:def:3601
Revision Date
:
2005-02-23
Version
:
16
Title
:
Runtime linker, ld.so.1 LD_PRELOAD Envvar Buffer Overflow
Description
:
Stack-based buffer overflow in the runtime linker, ld.so.1, on Solaris 2.6 through 9 allows local users to gain root privileges via a long LD_PRELOAD environment variable.
Family
:
unix
Class
:
vulnerability
Status
:
ACCEPTED
Reference(s)
:
CVE-2003-0609
Platform(s)
:
Sun Solaris 7
Product(s)
:
Solaris Runtime Linker
Definition Synopsis
Solaris 7,8,or 9 installed
Solaris 8 Installed
OR
Solaris 7 Installed
OR
Solaris 9 Installed
AND
Solaris 9 OR Patch 106950-14+ OR Patch 109147-07+ installed
Patch 106950-14 or later installed
OR
Patch 109147-07 or later installed
OR
Solaris 9 Installed
AND
NOT
Patch 106950-14 or later installed
AND
NOT
Patch 109147-07 or later installed
AND
NOT
Patch 112963-09 or later installed
BACK