Category
Security
Release Phase
Resolved
Product
Storage Automated Diagnostic Environment 2.4
Bug Id
6397587
Date of Resolved Release
02-JUN-2006
Impact
A local unprivileged user may be able to execute arbitrary code with the privileges of another user (including root), because one of the package components of the Sun Storage Automated Diagnostic Environment (StorADE) software installs its files and directories with incorrect (world-writable) permissions. A local user who can overwrite those files can alter the content that the web-based interface serves and runs on behalf of other users.
Contributing Factors
This issue can occur in the following release:
SPARC Platform
- Storage Automated Diagnostic Environment (StorADE) 2.4 (for Solaris 8, 9 and 10) without patch 117654-60
Notes:
- StorADE versions 2.0, 2.1, 2.2, and 2.3 are not affected by this issue (2.4 is the only version affected).
- The x86 platform is not affected by this issue.
- This issue only affects systems which have installed the optional SUNWstadm package. The optional SUNWstadm package adds a web browser-based graphical user interface to the Sun Storage Automated Diagnostic Environment software.
To determine whether the SUNWstadm package has been installed on the system, the following command can be run:
# pkginfo SUNWstadm
SUNWstadm Storage Automated Diagnostic Environment - Management Station UI
To determine the version of StorADE running on a system, the following command can be run:
# pkginfo -l SUNWstade | grep ^VERSION
VERSION=2.4
Symptoms
Files and directories which make up the optional SUNWstadm package will have world-writable permissions. They are installed under the /var/opt/webconsole/webapps/storade directory and can be listed via the following find(1) command; an affected system prints one path per line, while a system with correct permissions prints nothing:
$ find /var/opt/webconsole/webapps/storade -perm -002 -print
Workaround
To work around the described issue until the patch can be applied, the administrator can correct the modes manually within the active web console ("Lockhart") directory by running the following commands as root:
# find /var/opt/webconsole/webapps/storade -type d -exec chmod 755 {} \;
# find /var/opt/webconsole/webapps/storade -type f -exec chmod 644 {} \;
Afterwards, the find(1) command from the Symptoms section should print nothing. The workaround only corrects the modes; apply patch 117654-60 or later to resolve the issue.
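The checks described in this alert (the world-writable listing from the Symptoms section, the mode fix from the Workaround, and a test of whether the fixing patch revision is installed) gathered into one script, as an added example that is not part of this Sun Alert or of the StorADE product. The variable and function names, the sample showrev -p lines and the constructed sample tree (WEB-INF/, index.jsp, web.xml, README) are assumptions for illustration; the find(1) test and the chmod modes are the ones the alert gives. Written for POSIX sh; on Solaris 8, 9 and 10 run it with /usr/xpg4/bin/sh or ksh rather than the legacy /bin/sh.

```shell
#!/bin/sh
# Added example (not part of the Sun Alert or the StorADE product):
# audit a web-console tree for world-writable entries, apply the alert's
# mode fix, and check showrev -p output for the fixing patch revision.
# Written for POSIX sh; on Solaris 8-10 run it with /usr/xpg4/bin/sh or ksh.

# Directory the alert names; STORADE_DIR can be overridden for testing.
STORADE_DIR="${STORADE_DIR:-/var/opt/webconsole/webapps/storade}"

# Print every world-writable file or directory below $1, one per line.
# Same -perm -002 test as the alert's Symptoms section; no output is good.
list_world_writable() {
    find "$1" -perm -002 -print 2>/dev/null
}

# Number of world-writable entries below $1 (0 on a clean tree).
count_world_writable() {
    list_world_writable "$1" | wc -l | tr -d ' '
}

# Apply the alert's workaround: 755 on directories, 644 on regular files.
# Restricted to entries that are actually world-writable, so execute bits
# on files that were already correct are not stripped. On an affected
# system every entry in the package is world-writable, so the result is
# the same as the alert's unrestricted chmod commands.
fix_modes() {
    find "$1" -type d -perm -002 -exec chmod 755 {} \;
    find "$1" -type f -perm -002 -exec chmod 644 {} \;
}

# Read `showrev -p` output on stdin and succeed (exit 0) if patch $1 is
# installed at revision $2 or later, e.g. showrev -p | patch_at_least 117654 60
# showrev -p lines look like:
#   Patch: 117654-60 Obsoletes:  Requires:  Incompatibles:  Packages: SUNWstade
patch_at_least() {
    base="$1"
    want="$2"
    while read -r label id rest; do
        [ "$label" = "Patch:" ] || continue
        case "$id" in
            "$base"-*)
                rev="${id#*-}"
                if [ "$rev" -ge "$want" ]; then
                    return 0
                fi
                ;;
        esac
    done
    return 1
}

# Build a constructed sample tree (not real StorADE content) that mimics
# the broken install: a world-writable directory and two world-writable
# files next to one correctly installed file. Prints the tree's path.
make_sample_tree() {
    dir=$(mktemp -d) || return 1
    mkdir "$dir/WEB-INF"
    : > "$dir/index.jsp"
    : > "$dir/WEB-INF/web.xml"
    : > "$dir/README"
    chmod 777 "$dir/WEB-INF"
    chmod 666 "$dir/index.jsp" "$dir/WEB-INF/web.xml"
    chmod 644 "$dir/README"
    echo "$dir"
}

# Command-line use: `sh storade_perms.sh audit` lists offenders,
# `sh storade_perms.sh fix` applies the workaround and lists what remains.
case "${1:-}" in
    audit) list_world_writable "$STORADE_DIR" ;;
    fix)   fix_modes "$STORADE_DIR"; list_world_writable "$STORADE_DIR" ;;
esac
```

On a live system, `showrev -p | patch_at_least 117654 60 && echo patched` answers the Contributing Factors question directly, and `sh storade_perms.sh audit` printing nothing after `fix` (or after the patch) is the confirmation the Symptoms section describes.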
Resolution
This issue is addressed in the following release:
SPARC Platform
- Storage Automated Diagnostic Environment (StorADE) 2.4 (for Solaris 8, 9 and 10) with patch 117654-60 or later
References
117654-60