Note: This is an archival copy of Security Sun Alert 200140 as previously published on http://sunsolve.sun.com. Latest version of this security advisory is available from http://support.oracle.com as Sun Alert 1000102.1. |
Category Security Release Phase Resolved 26-MAR-2003 Date of Resolved Release 29-OCT-2003 Due to an issue with the ptrace() function ... 1. Impact Due to an issue with the ptrace() function an unauthorized local user may be able to gain root access rights on Linux systems, including Sun Linux and Sun Cobalt platforms. The ptrace() function is a system call used by a parent process to monitor and control the execution of another process. It is also useful in breakpoint debugging and system call tracing. 2. Contributing Factors This issue can occur in the following releases: Sun Linux Platform
Note: Sun Linux 5.0 is currently shipped with the Sun LX50 Server. Sun Cobalt Platform
3. Symptoms There are no symptoms that would show the described issue has been exploited to gain unauthorized root access to a system. 4. Workaround There is no workaround. Please see the "Resolution" section below. 5. Resolution This issue is addressed in the following releases: Sun Linux Platform
Sun Cobalt Platform
Instructions for downloading the above packages can be found in Modification History 21-JUL-2003 Date: 21-JUL-2003
Date: 29-OCT-2003
Product Sun Linux 5.0 Attachments This solution has no attachment |
|