VULHUB ™

Sun dbm_open(), ndbm(), dbm() and dbminit() library functions have been reported prone to buffer overflow vulnerabilities. Each of these issues likely present themselves due to a lack of sufficient bounds checking performed when copying externally supplied data into an internal memory buffer. Excessive data supplied to one of the functions will overrun the boundary of the assigned buffer and corrupt adjacent memory. It should be noted that the vendor has discussed that the Solaris Xsun application is linked to the vulnerable library and runs as a privileged application. Therefore it may be possible for a local or remote attacker to exploit this condition to obtain root privileges.

Sun dbm_open(), ndbm(), dbm() and dbminit() library functions have been reported prone to buffer overflow vulnerabilities. Each of these issues likely present themselves due to a lack of sufficient bounds checking performed when copying externally supplied data into an internal memory buffer. Excessive data supplied to one of the functions will overrun the boundary of the assigned buffer and corrupt adjacent memory. It should be noted that the vendor has discussed that the Solaris Xsun application is linked to the vulnerable library and runs as a privileged application. Therefore it may be possible for a local or remote attacker to exploit this condition to obtain root privileges.