CVE-2001-1582

Sun Solaris 8 - RCE

Title source: llm

Description

Buffer overflow in the LDAP naming services library (libsldap) in Sun Solaris 8 allows local users to execute arbitrary code via a long LDAP_OPTIONS environment variable to a privileged program that uses libsldap.

Exploits (2)

exploitdb WORKING POC VERIFIED

by Fyodor · clocalsolaris

https://www.exploit-db.com/exploits/20970

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by noir · clocalsolaris

https://www.exploit-db.com/exploits/20969

View Code ZIP pw:eip

References (5)

[Mailing List] http://seclists.org/bugtraq/2001/Jul/0091.html

[Exploit, Patch] http://www.securityfocus.com/bid/2931

[Mailing List] http://seclists.org/bugtraq/2001/Jun/0365.html

[Mailing List] http://seclists.org/bugtraq/2001/Jul/0077.html

[Exploit] http://www.securiteam.com/unixfocus/5IP0O2A4KS.html

Scores

EPSS 0.0017

EPSS Percentile 38.0%

Details

CWE

CWE-119

Status published

Products (2)

sun/solaris 8.0 unkown

sun/sunos 5.8

Published Dec 31, 2001

Tracked Since Feb 18, 2026