Note: This is an archival copy of Security Sun Alert 200176 as previously published on http://sunsolve.sun.com.
The latest version of this security advisory is available from http://support.oracle.com as Sun Alert 1000130.1.
Solaris 2.6 Operating System
Solaris 7 Operating System
Solaris 8 Operating System
Date of Workaround Release
Date of Resolved Release
Unprivileged local users may be able to gain unauthorized root access due to a buffer overflow in admintool(1M).
This issue is described in the following eSecurityOnline bulletin:
This issue can occur in the following releases:
Note: Solaris 9 is not affected by this issue.
There are no symptoms that would show the described problem has been exploited to gain unauthorized root access to a host.
As a workaround, remove the setuid bit from the admintool file by doing the following:
# chmod u-s /usr/bin/admintool
Note: This will prevent non-root users from successfully executing admintool(1M) tasks on the system.
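One way to audit and apply the workaround above on a host, as an added example that is not part of the original Sun Alert. The function names setuid_state and remove_setuid are hypothetical; the default path is the one given in the advisory.

```shell
#!/bin/sh
# Added example: audit and apply the setuid workaround from this advisory.
# Written with backticks and plain test(1) operators so it also runs under
# a traditional Bourne shell.

# Print the state of a file: missing | clear | setuid-root | setuid-other
setuid_state() {
    f=$1
    if [ ! -f "$f" ]; then echo missing; return 0; fi
    if [ ! -u "$f" ]; then echo clear; return 0; fi
    # The third field of `ls -ln` is the numeric owner. Owner 0 means the
    # binary runs with root privileges for every user allowed to execute it.
    owner=`ls -ln "$f" | awk '{print $3}'`
    if [ "$owner" = "0" ]; then
        echo setuid-root
    else
        echo setuid-other
    fi
}

# Apply `chmod u-s` and confirm the result. Returns 0 only when the file is
# absent or the setuid bit is clear afterwards.
remove_setuid() {
    f=$1
    before=`setuid_state "$f"`
    case $before in
        missing|clear) return 0 ;;
    esac
    chmod u-s "$f" || return 1
    after=`setuid_state "$f"`
    [ "$after" = clear ]
}

# Report only; call remove_setuid explicitly (as root) to apply the workaround.
target=${1:-/usr/bin/admintool}
state=`setuid_state "$target"`
echo "$target: $state"
```

A result of setuid-root on an affected release means the workaround has not been applied; clear means it has.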
This issue is addressed in the following releases:
Note: Solaris 2.5.1 requires an upgrade to a later release.