CVE-2003-0609

Name of the Vulnerable Software and Affected Versions: Solaris versions 2.6 through 9

Description: A stack-based buffer overflow issue exists in the runtime linker, ld.so.1, which allows local users to gain root privileges by setting a long LD PRELOAD environment variable.

Recommendations: For Solaris versions 2.6 through 9, as a temporary workaround, consider restricting the use of the LD PRELOAD environment variable to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.