The runtime linker (ld.so) in Solaris 8, 9, and 10 trusts the LD_AUDIT environment variable in setuid or setgid programs, which allows local users to gain privileges by (1) modifying LD_AUDIT to reference malicious code and possibly (2) using a long value for LD_AUDIT.
2005-06-29T04:00:00.000
2025-04-03T01:03:51.193
Deferred
CVSSv2: 7.2 (HIGH)
AV:L/AC:L/Au:N/C:C/I:C/A:C
3.9
10.0
Type | Vendor | Product | Version/Range | Vulnerable? |
---|---|---|---|---|
Operating System | sun | solaris | 8.0 | Yes |
Operating System | sun | solaris | 9.0 | Yes |
Operating System | sun | solaris | 9.0 | Yes |
Operating System | sun | solaris | 10.0 | Yes |
Operating System | sun | sunos | 5.8 | Yes |