CVE-2001-0652
Published 2001-10-30
CVE-2001-0652: Heap overflow in xlock in Solaris 2.6 through 8 allows local users to gain root privileges via a long (1) XFILESEARCHPATH or (2) XUSERFILESEARCHPATH…
Priority: P426, high, 7.2 (CVSS 2.0)
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
EXPLOIT
EPSS: 0.92% (55.7th percentile)
Heap overflow in xlock in Solaris 2.6 through 8 allows local users to gain root privileges via a long (1) XFILESEARCHPATH or (2) XUSERFILESEARCHPATH environmental variable.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| sun | sunos | <= 5.9 | — |
No detection rules found.
Exploit-DB
Solaris 2.6/7/8 (SPARC) - xlock Heap Overflow
exploitdb·2001-08-10
---
// source: https://www.securityfocus.com/bid/3160/info
Xlock is a utility for locking X-windows displays. It is installed setuid root because it uses the user's password to authorize access to the display when it is locked.
The version of xlock that ships with Solaris as part of OpenWindows contains a heap overflow in its handling of an environment variable.
Local attackers may be able to execute arbitrary code with effective privileges of xlock.
/*
* sol_sparc_xlockex.c - Proof of Concept Code for xlock heap overflow bug.
* Copyright (c) 2001 - Nsfocus.com
*
* Tested in Solaris 2.6/7/8 SPARC
*
* DISCLAIMS:
* This is a proof of concept code. This code is for test purpose
* only and should not be run against any host without permissio
Exploit-DB
Solaris 8 - x86 xlock Heap Overflow
exploitdb·2001-08-10
---
// source: https://www.securityfocus.com/bid/3160/info
Xlock is a utility for locking X-windows displays. It is installed setuid root because it uses the user's password to authorize access to the display when it is locked.
The version of xlock that ships with Solaris as part of OpenWindows contains a heap overflow in its handling of an environment variable.
Local attackers may be able to execute arbitrary code with effective privileges of xlock.
/*
* sol_x86_xlockex.c - Proof of Concept Code for xlock heap overflow bug.
* Copyright (c) 2001 - Nsfocus.com
*
* Tested in Solaris 8 x86.
*
* DISCLAIMS:
* This is a proof of concept code. This code is for test purpose
* only and should not be run against any host without permission from
* the system
No writeups or analysis indexed.
http://marc.info/?l=bugtraq&m=99745571104126&w=2
http://www.securityfocus.com/bid/3160
https://exchange.xforce.ibmcloud.com/vulnerabilities/6967
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A131
Published: 2001-10-30