Note: This is an archival copy of Security Sun Alert 228544 as previously published on http://sunsolve.sun.com.|
Latest version of this security advisory is available from http://support.oracle.com as Sun Alert 1017440.1.
Solaris 2.6 Operating System
Solaris 7 Operating System
Solaris 8 Operating System
Date of Resolved Release
Unprivileged local users may be able to overwrite or create any file on the system if "root" uses the text editor ed(1).
This issue can occur in the following releases:
Note: Solaris 9 is not affected by this issue.
There are no symptoms that would show the vulnerability in ed(1) has been exploited, as it depends on which file was overwritten or created.
There is no workaround. Please see the "Resolution" section below.
This issue is addressed in the following releases:
This solution has no attachment