CVE-2003-0609

Solaris <9 - Buffer Overflow

Title source: llm

Description

Stack-based buffer overflow in the runtime linker, ld.so.1, on Solaris 2.6 through 9 allows local users to gain root privileges via a long LD_PRELOAD environment variable.

Exploits (2)

exploitdb WORKING POC VERIFIED

by Marco Ivaldi · clocalsolaris

https://www.exploit-db.com/exploits/1182

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by osker178 · clocalsolaris

https://www.exploit-db.com/exploits/114

View Code ZIP pw:eip

References (6)

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/12755

[Mailing List] http://marc.info/?l=bugtraq&m=105951760418667&w=2

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3601

[Third Party Advisory, VDB Entry] http://www.osvdb.org/8722

[Vendor Advisory] http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/55680

[Vendor Advisory] http://www.idefense.com/advisory/07.29.03.txt

Scores

EPSS 0.0073

EPSS Percentile 72.7%

Details

Status published

Products (7)

sun/solaris 2.6

sun/solaris 7.0

sun/solaris 8.0

sun/solaris 9.0 (2 CPE variants)

sun/sunos

sun/sunos 5.7

sun/sunos 5.8

Published Aug 27, 2003

Tracked Since Feb 18, 2026