dtspcd (CDE) exploit v1.66 Vulnerability exploited: CVE-2001-0803 - BID-3517 Category: Exploits/Remote Exploits a buffer overflow in libDtSvc. Uses dtspcd to abuse a buffer overflow in libDtSvc, and corrupts malloc()'s memory management structures to change a function pointer. It first tries to overwrite the pointer to SbRemoveInput_hookfn, if this fails, it tries to overwrite the variable exitfns, used by exit() to call finalization functions. At the same time, this exploit is going to try to bruteforce agent's address in memory, doing up to 30 tries for each function pointer. Supported Systems: Solaris 2.6 (sun4m) Solaris 7 (sun4m) Solaris 8 (sun4m) This module is included in the latest version of CORE IMPACT, the first automated comprehensive penetration testing product for accurately identifying information security risks. Click here to learn more about the product.