vendor:
Solaris
by:
J. Zbiciak
7.5
CVSS
HIGH
Buffer Overflow
119
CWE
Product Name: Solaris
Affected Version From: Solaris 2.5.1
Affected Version To: Solaris 2.5.1
Patch Exists: NO
Related CWE:
CPE:
Platforms Tested: Solaris 2.5.1
1997
Solaris ps Command Exploit
This exploit targets Solaris 2.5.1 /usr/bin/ps command. It takes advantage of a buffer overflow vulnerability in the program. The exploit code is written in C and it overflows the target buffer for optargs, modifies the environ pointer, and fills the _ctype table with a specific value. It also builds up the _iob[0] structure. The exploit is designed for Solaris 2.5.1.
Mitigation:
Apply the appropriate patches or upgrade to a newer version of Solaris.