Note: This is an archival copy of Security Sun Alert 200999 as previously published on http://sunsolve.sun.com.
The latest version of this security advisory is available from http://support.oracle.com as Sun Alert 1000752.1.
Date of Resolved Release
Unprivileged local users may be able to overwrite arbitrary files on a system due to a security vulnerability in the utempter(8) utility.
Note: utempter(8) is a privileged helper program that writes utmp/wtmp entries for unprivileged programs.
This issue is described in the following documents:
This issue can occur in the following releases:
Note: JDS for Solaris is not impacted by this issue.
This issue only occurs with utempter versions utempter-0.5.2-342 or earlier.
To determine the release of JDS for Linux installed on a system, the following command can be run:
% cat /etc/sun-release
Sun Java Desktop System, Release 2 -build 10b (GA)
Assembled 30 March 2004
To determine the version of utempter, the following command can be run:
% rpm -qf /usr/sbin/utempter
utempter-0.5.2-342
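The check above can be applied to output collected from many systems. The following is an added example, not part of the original advisory: it classifies `rpm -qf /usr/sbin/utempter` output against the "utempter-0.5.2-342 or earlier" threshold, comparing fields numerically so that 0.5.10 sorts after 0.5.2. The function names and host names are assumptions, and the comparison is a numeric-only simplification rather than rpm's own version comparison; anything it cannot parse is reported as unknown.

```sh
#!/bin/sh
# Added example, not part of the advisory. Threshold taken from the advisory:
# utempter-0.5.2-342 or earlier is affected.
AFFECTED_VER=0.5.2
AFFECTED_REL=342

# Compare two dotted numeric strings field by field; prints -1, 0 or 1.
cmp_dotted() {
    a=$1; b=$2
    while [ -n "$a" ] || [ -n "$b" ]; do
        x=${a%%.*}; y=${b%%.*}
        case $a in *.*) a=${a#*.} ;; *) a= ;; esac
        case $b in *.*) b=${b#*.} ;; *) b= ;; esac
        x=${x:-0}; y=${y:-0}          # a missing field counts as 0
        if [ "$x" -lt "$y" ]; then echo -1; return; fi
        if [ "$x" -gt "$y" ]; then echo 1; return; fi
    done
    echo 0
}

# Classify one "rpm -qf /usr/sbin/utempter" result line.
# Prints affected, not-affected, or unknown (anything that cannot be parsed).
utempter_status() {
    nvr=$1
    case $nvr in utempter-*-*) ;; *) echo unknown; return ;; esac
    rel=${nvr##*-}                    # release: text after the last hyphen
    ver=${nvr%-*}; ver=${ver#utempter-}
    for part in "$ver" "$rel"; do     # digits and dots only, otherwise give up
        case $part in ''|*[!0-9.]*) echo unknown; return ;; esac
    done
    c=$(cmp_dotted "$ver" "$AFFECTED_VER")
    if [ "$c" -eq 0 ]; then c=$(cmp_dotted "$rel" "$AFFECTED_REL"); fi
    if [ "$c" -le 0 ]; then echo affected; else echo not-affected; fi
}

# Read "host nvr" pairs on stdin and print each with its classification.
check_inventory() {
    while read -r host nvr; do
        printf '%s %s %s\n' "$host" "$nvr" "$(utempter_status "$nvr")"
    done
}

# Constructed sample inventory (host names and non-advisory versions are made up).
check_inventory <<'EOF'
desk01 utempter-0.5.2-342
desk02 utempter-0.5.2-343
desk03 utempter-0.5.10-1
desk04 utempter-0.5.2-342.i586
EOF
```

Lines reported as unknown, such as a package string with an architecture suffix, should be checked by hand rather than treated as unaffected.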
There are no predictable symptoms that would show the described issue has been exploited.
There is no workaround. Please see the "Resolution" section below.
This issue is addressed in the following releases:
To download and install the updated RPMs from the update servers, select the following from the launch bar:
Launch >> Applications >> System Tools >> Online Update
For additional information on obtaining updates see:
Sun Java Desktop System Release 2
Sun Java Desktop System 2003