Note: This is an archival copy of Security Sun Alert 200208 as previously published on http://sunsolve.sun.com.|
Latest version of this security advisory is available from http://support.oracle.com as Sun Alert 1000159.1.
Sun N1 System Manager 1.0
Date of Resolved Release
A security vulnerability in Sun N1 System Manager 1.1 may allow a local unprivileged user the ability to access internal System Manager passwords.
This issue can occur in the following releases:
Note: System Manager 1.1 for Linux is not affected by this issue.
There are no predictable symptoms that would indicate the described issue has occurred.
To work around the described issue, change the permissions on the files below from 0644 to 0400 by using the following commands as root:
# /bin/chmod 0400 /cr/hd_jobs_db.sh # /bin/chmod 0400 /cr/hd_plan_checkin.sh # /bin/chmod 0400 /cr/oracle_plan_checkin.sh
This issue is addressed in the following releases:
This solution has no attachment