Lucene search

MitreCVE-2001-0426

HistoryJul 02, 2001 - 4:00 a.m.

CVE-2001-0426

2001-07-0204:00:00

mitre

web.nvd.nist.gov

cve-2001-0426

buffer overflow

solaris

dtsession

privilege escalation

lang variable

local exploit.

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.3

Confidence

High

EPSS

Percentile

0.4%

JSON

Buffer overflow in dtsession on Solaris, and possibly other operating systems, allows local users to gain privileges via a long LANG environmental variable.

Affected configurations

Nvd

Node

sunsolarisMatch2.6

sunsolarisMatch7.0x86

sunsolarisMatch8.0x86

sunsunosMatch-

sunsunosMatch5.7

sunsunosMatch5.8

VendorProductVersionCPE
sunsolaris2.6cpe:2.3:o:sun:solaris:2.6:*:*:*:*:*:*:*
sunsolaris7.0cpe:2.3:o:sun:solaris:7.0:*:x86:*:*:*:*:*
sunsolaris8.0cpe:2.3:o:sun:solaris:8.0:*:x86:*:*:*:*:*
sunsunos-cpe:2.3:o:sun:sunos:-:*:*:*:*:*:*:*
sunsunos5.7cpe:2.3:o:sun:sunos:5.7:*:*:*:*:*:*:*
sunsunos5.8cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
sun	solaris	2.6	cpe:2.3:o:sun:solaris:2.6:::::::*
sun	solaris	7.0	cpe:2.3:o:sun:solaris:7.0::x86:::::
sun	solaris	8.0	cpe:2.3:o:sun:solaris:8.0::x86:::::
sun	sunos	-	cpe:2.3:o:sun:sunos:-:::::::*
sun	sunos	5.7	cpe:2.3:o:sun:sunos:5.7:::::::*
sun	sunos	5.8	cpe:2.3:o:sun:sunos:5.8:::::::*

References

archives.neohapsis.com/archives/bugtraq/2001-04/0203.html

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.3

Confidence

High

EPSS

Percentile

0.4%

JSON

Related for CVE-2001-0426