Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-2072

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2005-2072
Last Modified 11 Oct 2011 12:00:00
Published 29 Jun 2005 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2005-2072

Summary

The runtime linker (ld.so) in Solaris 8, 9, and 10 trusts the LD_AUDIT environment variable in setuid or setgid programs, which allows local users to gain privileges by (1) modifying LD_AUDIT to reference malicious code and possibly (2) using a long value for LD_AUDIT.

Vulnerable Systems

Operating System

  • Sun Solaris 10.0

  • Sun Solaris 8.0

  • Sun Solaris 9.0


References

VUPEN - ADV-2005-0908

BID - 14074

CONFIRM - http://www.opensolaris.org/jive/thread.jspa?messageID=3497

SUNALERT - 101794

SECTRACK - 1014537

SECUNIA - 15841

FULLDISC - 20050628 Solaris 9/10 ld.so fun


Last Updated: 27 May 2016 10:40:22