Solaris x86 mkcookie Privilege Escalation Overflow
Local Access Required
Loss of Integrity
A local overflow exists in Solaris. The mkcookie utility fails to sanitize the $HOME environment variable, resulting in a buffer overflow. With a specially crafted request with machine code, a local attacker can cause a buffer overflow and execute arbitrary code with root privilege, resulting in a loss of integrity.
Currently, there are no known upgrades, patches, or workarounds available to correct this issue.