CVE
- Id
- 4478
- CVE No.
- CVE-2002-0084
- Status
- Candidate
- Description
- Buffer overflow in the fscache_setup function of cachefsd in Solaris 2.6, 7, and 8 allows local users to gain root privileges via a long mount argument.
- Phase
- Modified (20061101)
- Votes
- ACCEPT(3) Cole, Green, Wall | NOOP(3) Christey, Foat, Ziese
- Comments
- Christey> CERT:CA-2002-11 | CERT-VN:VU#635811 | AUSCERT:AA-2002.01 | URL:http://www.auscert.org.au/Information/Advisories/advisory/AA-2002.01.txt | Christey> BUGTRAQ:20020429 eSecurityOnline Security Advisory 4198 - Sun Solaris cachefsd mount file buffer overflow vulnerability | URL:http://online.securityfocus.com/archive/1/270135 | Christey> ADDREF CERT-VN:VU#161931 | ADDREF BUGTRAQ:20020429 eSecurityOnline Security Advisory 4198 - Sun Solaris cachefsd mount file buffer overflow vulnerability | ADDREF CONFIRM:http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F44309 | | Note: this is a different vulnerability than CVE-2002-0033. | However, if there are different patches for the 2 issues, then | they may need to be merged per CD:SF-LOC. | | Add that the affected function is fscache_setup() | Christey> VULNWATCH:20020429 [VulnWatch] eSecurityOnline Security Advisory 4198 - Sun Solaris cachefsd mou nt file buffer overflow vulnerability | URL:http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0048.html | BID:4631 | URL:http://www.securityfocus.com/bid/4631
