Note: This is an archival copy of Security Sun Alert 200553 as previously published on http://sunsolve.sun.com.|
Latest version of this security advisory is available from http://support.oracle.com as Sun Alert 1000421.1.
Solaris 9 Operating System
Solaris 2.6 Operating System
Solaris 7 Operating System
Solaris 8 Operating System
Date of Resolved Release
A local unprivileged user may be able to gain unauthorized root privileges due to a buffer overflow vulnerability in the database function routines dbm_open(3C) and dbminit(3UCB). The dbm_open(3C) database function is present in the C library libc(3LIB) and is used in the Solaris privileged program Xsun(1).
This issue can occur in the following releases:
There are no predictable symptoms that would show the described issue has been exploited to gain unauthorized root access to a system.
There is no workaround. Please see the "Resolution" section below.
This issue is addressed in the following releases:
This solution has no attachment