Dan McDonald

2 exploits Active since Oct 2020
CVE-2021-43395 WRITEUP MEDIUM WRITEUP
illumos <f859e7171bb5db34321e45585839c6c3200ebb90 - Info Disclosure
An issue was discovered in illumos before f859e7171bb5db34321e45585839c6c3200ebb90, OmniOS Community Edition r151038, OpenIndiana Hipster 2021.04, and SmartOS 20210923. A local unprivileged user can cause a deadlock and kernel panic via crafted rename and rmdir calls on tmpfs filesystems. Oracle Solaris 10 and 11 is also affected.
CVSS 5.5
CVE-2020-27678 WRITEUP CRITICAL WRITEUP
illumos < 2020-10-22 - Buffer Overflow in parse_user_name
An issue was discovered in illumos before 2020-10-22, as used in OmniOS before r151030by, r151032ay, and r151034y and SmartOS before 20201022. There is a buffer overflow in parse_user_name in lib/libpam/pam_framework.c.
CVSS 9.8