Note: This is an archival copy of Security Sun Alert 201793 as previously published on http://sunsolve.sun.com.
The latest version of this security advisory is available from http://support.oracle.com as Sun Alert 1001331.1.
Solaris PC NetLink 2.0
Date of Resolved Release
A security vulnerability in the "/opt/lanman/sbin/slsmgr" command in PC NetLink 2.0 may allow files to be opened insecurely, which could allow an unprivileged local user to write to the filesystem with the permissions of the user running "slsmgr". If "slsmgr" is run as "root", a local unprivileged user may be able to gain elevated privileges on the system and run arbitrary commands.
This issue can occur in the following release:
To determine the version of PC NetLink on a system, the following command can be run:
    $ /opt/lanman/bin/net version
    Solaris (TM) PC NetLink, Version 2.0,REV=2.0.xx UNIX Systems Server
To determine if the SUNWlzag package (for slsmgr) is installed on a system, the following command can be run:
    $ pkginfo -l SUNWlzag
       PKGINST:  SUNWlzag
          NAME:  Solaris (TM) PC NetLink Adm GUI
      CATEGORY:  system
          ARCH:  sparc
       VERSION:  2.0,REV=rr24
       BASEDIR:  /
        VENDOR:  Sun Microsystems, Inc.
          DESC:  Solaris (TM) PC NetLink Administration Java GUI components
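The two checks above can be combined into a single triage step for a host inventory. The following shell functions are an added example, not part of the Sun Alert; the function names and result labels are assumptions, and the sample text is the command output shown in this advisory. A match is reported as "review-needed" rather than "vulnerable" because the fixed release is not listed on this page.

```sh
#!/bin/sh
# Added example: triage a host for the PC NetLink 2.0 slsmgr advisory.
# Function names and result labels are hypothetical, not Sun's.

# netlink_release: read `net version` output on stdin, print the release (e.g. 2.0).
netlink_release() {
    sed -n 's/.*PC NetLink, Version \([0-9][0-9.]*\).*/\1/p' | head -n 1
}

# pkg_field FIELD: read `pkginfo -l` output on stdin, print the value of FIELD.
pkg_field() {
    awk -v f="$1:" '$1 == f { $1 = ""; sub(/^ +/, ""); print; exit }'
}

# triage NET_VERSION_TEXT PKGINFO_TEXT: classify the host from both outputs.
triage() {
    rel=$(printf '%s\n' "$1" | netlink_release)
    inst=$(printf '%s\n' "$2" | pkg_field PKGINST)
    ver=$(printf '%s\n' "$2" | pkg_field VERSION)
    if [ "$inst" != "SUNWlzag" ]; then
        # The package that delivers slsmgr is absent.
        echo "no-slsmgr-package"
    elif [ "$rel" = "2.0" ] || [ "${ver%%,*}" = "2.0" ]; then
        # Release named in the advisory, with the slsmgr package installed.
        echo "review-needed release=2.0 pkg=$ver"
    else
        echo "other-release release=${rel:-unknown} pkg=$ver"
    fi
}

# Sample input: the output shown in this advisory.
NET_SAMPLE='Solaris (TM) PC NetLink, Version 2.0,REV=2.0.xx UNIX Systems Server'
PKG_SAMPLE='   PKGINST:  SUNWlzag
      NAME:  Solaris (TM) PC NetLink Adm GUI
  CATEGORY:  system
      ARCH:  sparc
   VERSION:  2.0,REV=rr24
   BASEDIR:  /
    VENDOR:  Sun Microsystems, Inc.
      DESC:  Solaris (TM) PC NetLink Administration Java GUI components'

triage "$NET_SAMPLE" "$PKG_SAMPLE"
# On a live host:
#   triage "$(/opt/lanman/bin/net version)" "$(pkginfo -l SUNWlzag 2>/dev/null)"
```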
There are no predictable symptoms that would indicate the described issue has been exploited.
There is no workaround for this issue. Please see the "Resolution" section below.
This issue is addressed in the following release: