Oval Definition:
oval:org.mitre.oval:def:65
Revision Date
:
2002-09-17
Version
:
16
Title
:
Solaris 7 kcms_configure Command-Line Buffer Overflow
Description
:
kcms_configure as included with Solaris 7 and 8 allows a local attacker to gain additional privileges via a buffer overflow in a command line argument.
Family
:
unix
Class
:
vulnerability
Status
:
ACCEPTED
Reference(s)
:
CVE-2001-0594
Platform(s)
:
Sun Solaris 7
Product(s)
:
kcms_configure
Definition Synopsis
Software section
Solaris 7 Installed
AND
File kcms_configure exists
AND
NOT
Patch 107337-02 or later installed
AND
Configuration section
File kcms_configure executable and SUID or SGID
File kcms_configure executable and SUID or SGID
AND
File kcms_configure executable and SUID or SGID
File kcms_configure executable and SUID or SGID
OR
File kcms_configure executable and SUID or SGID
BACK