There exists a buffer overflow vulnerability in the way the KCMS_PROFILES environment variable is handled by the kcsSUNWIOsolf.so library. When appropriately exploited through a kcms_configure program it can lead to a local root compromise on a vulnerable system. There also exists a buffer overflow vulnerability in a dtsession program in a way it handles LANG environment variable. Proof of concept codes for both vulnerabilites are avaialble at our website at the following addresses: http://lsd-pl.net/files/get?SOLARIS/solsparc_kcssunwiosolf http://lsd-pl.net/files/get?SOLARIS/solx86_kcssunwiosolf http://lsd-pl.net/files/get?SOLARIS/solx86_dtsession Regards, lsd ppl http://lsd-pl.net/
