ID CVE-2018-1171
Summary This vulnerability allows local attackers to escalate privileges on vulnerable installations of Joyent SmartOS release-20170803-20170803T064301Z. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the DTrace DOF files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated object. An attacker can leverage this vulnerability to execute code under the context of the host OS. Was ZDI-CAN-5106.
References
Vulnerable Configurations
  • cpe:2.3:o:joyent:smartos:20170803-20170803t064301z:*:*:*:*:*:*:*
    cpe:2.3:o:joyent:smartos:20170803-20170803t064301z:*:*:*:*:*:*:*
  • cpe:2.3:o:oracle:solaris:10:*:*:*:*:*:*:*
    cpe:2.3:o:oracle:solaris:10:*:*:*:*:*:*:*
  • cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*
    cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*
CVSS
Base: 6.9 (as of 28-08-2020 - 15:18)
Impact:
Exploitability:
CWE CWE-787
CAPEC
Access
VectorComplexityAuthentication
LOCAL MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:L/AC:M/Au:N/C:C/I:C/A:C
refmap via4
bid 104799
confirm
misc https://zerodayinitiative.com/advisories/ZDI-18-236
sectrack 1041303
Last major update 28-08-2020 - 15:18
Published 19-03-2018 - 18:29
Last modified 28-08-2020 - 15:18
Back to Top