Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
From: LSD (contactLSD-PL.NET)
Date: Wed Apr 11 2001 - 22:26:40 CDT
There exists a buffer overflow vulnerability in the way the
KCMS_PROFILES environment variable is handled by the kcsSUNWIOsolf.so
library. When appropriately exploited through a kcms_configure program
it can lead to a local root compromise on a vulnerable system.
There also exists a buffer overflow vulnerability in a dtsession
program in a way it handles LANG environment variable.
Proof of concept codes for both vulnerabilites are avaialble
at our website at the following addresses: