CVE-2001-0652

Solaris 2.6-8 - Privilege Escalation

Title source: llm

Description

Heap overflow in xlock in Solaris 2.6 through 8 allows local users to gain root privileges via a long (1) XFILESEARCHPATH or (2) XUSERFILESEARCHPATH environmental variable.

Exploits (2)

exploitdb WORKING POC VERIFIED

by Nsfocus · clocalsolaris

https://www.exploit-db.com/exploits/21059

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by Nsfocus · clocalsolaris

https://www.exploit-db.com/exploits/21058

View Code ZIP pw:eip

References (5)

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/3160

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/6967

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10

[Mailing List] http://marc.info/?l=bugtraq&m=99745571104126&w=2

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A131

Scores

EPSS 0.0011

EPSS Percentile 29.2%

Details

Status published

Products (1)

sun/sunos < 5.9

Published Oct 30, 2001

Tracked Since Feb 18, 2026