Buffer overflow in Sun Solaris Runtime Linker

IDEFENSE labs claims that a locally exploitable buffer overflow exists in the ld.so.1 dynamic runtime linker in Sun's Solaris operating system. "The LD_PRELOAD variable can be passed a large value, which will cause the runtime linker to overflow a stack based buffer. The overflow occurs on a non-executable stack making command execution more difficult than normal, but not impossible."

Vulnerable versions include: Solaris 2.6, Solaris 7, Solaris 8, and Solaris 9.

View the advisory at http://www.idefense.com/advisory/07.29.03.txt and download the patch at http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/55680

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

More about CGIiDefense

Show Comments