CVE-2001-0595

Name of the Vulnerable Software and Affected Versions: Solaris versions 7 and 8

Description: A buffer overflow issue exists in the kcsSUNWIOsolf.so library, allowing local attackers to execute arbitrary commands. This can be achieved by exploiting the KCMS PROFILES environment variable, for example, using the kcms configure program.

Recommendations: For Solaris version 7, update to a version that includes the fix for this issue. For Solaris version 8, update to a version that includes the fix for this issue. As a temporary workaround, consider restricting access to the kcms configure program and the KCMS PROFILES environment variable to minimize the risk of exploitation.