Common Desktop Environment 2.3.1 Buffer Overflow

Posted by deepcore on January 18, 2020 – 1:08 am

A buffer overflow in the CheckMonitor() function in the Common Desktop Environment 2.3.1 and earlier and 1.6 and earlier, as distributed with Oracle Solaris 10 1/13 (Update 11) and earlier, allows local users to gain root privileges via a long palette name passed to dtsession in a malicious .Xdefaults file. Note that Oracle Solaris CDE is based on the original CDE 1.x train, which is different from the CDE 2.x codebase that was later open sourced. Most notably, the vulnerable buffer in the Oracle Solaris CDE is stack-based, while in the open source version it is heap-based.

This post is under “exploit” and has no respond so far.
If you enjoy this article, make sure you subscribe to my RSS Feed.

Post a reply

You must be logged in to post a comment.

« Trend Micro Security 2019 Security Bypass Protected Service Tampering Solaris xlock Information Disclosure »

:: Deepquest ::

This site contains information which could be considered illegal in some countries. It is provided here for educational use only and is not intended to be used for illegal activities.

Common Desktop Environment 2.3.1 Buffer Overflow

Post a reply

Tabs Switcher

Categories

Archives

Meta

BLOGROLL