CVE-2001-1582

Published: Dec 31, 2001Modified: Apr 16, 2026

7.2

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Exploitability: 3.9 / Impact: 10.0

Source: NVD

Description

Buffer overflow in the LDAP naming services library (libsldap) in Sun Solaris 8 allows local users to execute arbitrary code via a long LDAP_OPTIONS environment variable to a privileged program that uses libsldap.

Affected (2)

Products: Sun: Solaris, Sunos

Sun

2 products

Solaris

Sunos

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Sun Solaris	Version 8.0 unkown
Sun Sunos	Version 5.8

Related CWEs

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

References (10)

http://seclists.org/bugtraq/2001/Jul/0077.html

Source: cve@mitre.org

http://seclists.org/bugtraq/2001/Jul/0091.html

Source: cve@mitre.org

http://seclists.org/bugtraq/2001/Jun/0365.html

Source: cve@mitre.org

http://www.securiteam.com/unixfocus/5IP0O2A4KS.html

Source: cve@mitre.org

Exploit

http://www.securityfocus.com/bid/2931

Source: cve@mitre.org

ExploitPatch

http://seclists.org/bugtraq/2001/Jul/0077.html