Local Privilege Escalation in Solaris 8 and Solaris 9 via Buffer Overflow in passwd(1)
While remote compromises are preferred by attackers and most feared by defenders, local privilege escalation can be equally as dangerous and even harder to uncover. A buffer overflow in the passwd program used in Sun Microsystems' Solaris 8 and Solaris 9 Operating Environments can be silently...