Local root exploit for a stack-based buffer overflow in the runtime linker, ld.so.1, on Solaris 2.6 through 9 that allows local users to gain root privileges via a long LD_PRELOAD environment variable.
6d7bdc11a3396a323aa02a43e2fdb992917edce2a4b72006644e2f579e17c406
iDEFENSE Security Advisory 07.29.03: A locally exploitable buffer overflow exists in the ld.so.1 dynamic runtime linker in Sun's Solaris operating system. The LD_PRELOAD variable can be passed a large value, which will cause the runtime linker to overflow a stack based buffer.
d8980a0f0ad83ec39a5c9e1bb61a448ba42a0962cdcf38b33b5dde750fc4a931