VULHUB ™

A buffer overrun condition was discovered in Solaris 2.6 X_86 in /usr/bin/cancel. This buffer overflow is apparently present in the SPARC version as well although it is thought to be unexploitable. Previous versions of Solaris did not ship with /usr/bin/cancel as SUID root, so while the buffer overflow was present it was harmless. Solaris 7.0 fixes this problem by changing the vulnerable function call.

A buffer overrun condition was discovered in Solaris 2.6 X_86 in /usr/bin/cancel. This buffer overflow is apparently present in the SPARC version as well although it is thought to be unexploitable. Previous versions of Solaris did not ship with /usr/bin/cancel as SUID root, so while the buffer overflow was present it was harmless. Solaris 7.0 fixes this problem by changing the vulnerable function call.