Note: This is an archival copy of Security Sun Alert 200453 as previously published on http://sunsolve.sun.com.|
Latest version of this security advisory is available from http://support.oracle.com as Sun Alert 1000334.1.
Solaris 9 Operating System
Solaris 10 Operating System
Solaris 8 Operating System
Date of Resolved Release
A race condition vulnerability in handling recursive directory deletion via the rm(1) command with either the "-r" or "-R" option may lead to deletion of files or directories external to the argument directory hierarchy. An unprivileged user may exploit this vulnerability by creating a specially crafted directory hierarchy which, when deleted by a privileged user using the rm(1) command, may lead to deletion of system files and directories causing a Denial of Service (DoS) condition.
Sun acknowledges with thanks, Jim Meyering <email@example.com>, for bringing this issue to our attention.
Additional information regarding this issue can be found at:
This issue can occur in the following releases:
There are no predictable symptoms that would indicate the issue has been exploited.
There is no workaround. Please see the "Resolution" section below.
This issue is addressed in the following releases:
This solution has no attachment