Note: This is an archival copy of Security Sun Alert 200540 as previously published on http://sunsolve.sun.com. Latest version of this security advisory is available from http://support.oracle.com as Sun Alert 1000412.1. |
Category Security Release Phase Resolved Sun Cobalt Qube 3 Server Sun Cobalt RaQ XTR Server Sun Cobalt RaQ 4 Server Sun Cobalt RaQ 550 Server Bug Id 4892240 Date of Resolved Release 13-APR-2005 Impact A race condition in Sun Linux fileutils 4.1 and earlier versions may allow a local unprivileged user to delete files or directories owned by others. This issue is described at:
Note: The Sun Linux fileutils 4.1 package includes a number of common and popular "GNU" file management utilities. Contributing Factors This issue can occur in the following releases: Sun Linux Platform
Sun Cobalt Appliances
The current version of the fileutils package can be found by running the following command: % rpm -q fileutils fileutils-4.1-10.1 Note: Sun Linux 5.0 is currently shipped with the Sun LX50 Server. Symptoms There are no predictable symptoms that would indicate the described issue has been exploited. Workaround There is no workaround for this issue. Please see the Resolution section below. Resolution This issue is addressed in the following releases: Sun Linux Platform
Sun Linux patches are available at: http://sunsolve.sun.com/patches/linux/security.html Sun Cobalt Appliances Patches for Qube3, RaQ4, RaQ550 and RaQXTR are available at: http://sunsolve.sun.com/cobalt Modification History Date: 13-APR-2005
Date: 29-AUG-2003
Attachments This solution has no attachment |
|