Category
Security
Release Phase
Resolved
Product
Solaris PC NetLink 2.0
Bug Id
6215631
Date of Resolved Release
23-DEC-2005
Impact
A security vulnerability in the "/etc/init.d/slsadmin" script in PC NetLink 2.0 may allow files to be opened insecurely, which could allow an unprivileged local user to write to the filesystem with the permissions of the user running "slsadmin". If "slsadmin" is run as "root", a local unprivileged user may be able to gain elevated privileges on the system and run arbitrary commands.
Contributing Factors
This issue can occur in the following release:
SPARC Platform
- PC NetLink 2.0 (for Solaris 7, 8 and 9) without patch 121332-01
Notes:
- Solaris for x86 is not affected by this issue.
- Solaris 10 is not affected by this issue.
- PC NetLink 1.0, 1.1 and 1.2 are not affected by this issue.
To determine the version of PC NetLink on a system, the following command can be run:
$ /opt/lanman/bin/net version
Solaris (TM) PC NetLink, Version 2.0,REV=2.0.xx
UNIX Systems Server
To determine if the SUNWlzas package (for slsadmin) is installed on a system, the following command can be run:
$ pkginfo -l SUNWlzas
PKGINST: SUNWlzas
NAME: Solaris (TM) PC NetLink Adm Srv
CATEGORY: system
ARCH: sparc
VERSION: 2.0,REV=rr24
BASEDIR: /
VENDOR: Sun Microsystems, Inc.
DESC: Solaris (TM) PC NetLink Administration Server
Symptoms
There are no predictable symptoms that would indicate the described issue has been exploited.
Workaround
There is no workaround for this issue. Please see the "Resolution" section below.
Resolution
This issue is addressed in the following release:
SPARC Platform
- PC NetLink 2.0 (for Solaris 7, 8 and 9) with patch 121332-01 or later
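The checks described under "Contributing Factors" and "Resolution" can be combined into one triage script. The following is an added example, not part of the original advisory or Sun's code. It assumes the patch list comes from `showrev -p` in its usual "Patch: NNNNNN-RR ..." format and treats a missing SUNWlzas package as "no-slsadmin"; the function names and sample inputs are constructed for illustration.

```shell
#!/bin/sh
# Added example (not Sun's code): classify a host against this advisory.
# classify takes captured command output as text, so it can be checked offline.
# On a live host: classify "$(uname -p)" "$(uname -r)" "$(/opt/lanman/bin/net version)" \
#                          "$(pkginfo -l SUNWlzas 2>/dev/null)" "$(showrev -p)"

PATCH_ID=121332   # patch base number from the advisory; revision 01 or later fixes it

# Highest installed revision of PATCH_ID in `showrev -p` output (0 if absent).
patch_rev() {
    printf '%s\n' "$1" | awk -v id="$PATCH_ID" '
        $1 == "Patch:" {
            split($2, p, "-")
            if (p[1] == id && p[2] + 0 > max) max = p[2] + 0
        }
        END { print max + 0 }'
}

# classify ARCH OSREL NET_VERSION_OUTPUT PKGINFO_OUTPUT SHOWREV_OUTPUT
classify() {
    [ "$1" = "sparc" ] || { echo "not-affected"; return 0; }   # x86 is not affected
    case "$2" in
        5.7|5.8|5.9) ;;                                        # Solaris 7, 8 and 9
        *) echo "not-affected"; return 0 ;;                    # e.g. 5.10 (Solaris 10)
    esac
    case "$3" in
        *"Version 2.0,"*) ;;                                   # PC NetLink 2.0
        *) echo "not-affected"; return 0 ;;                    # 1.x, or not installed
    esac
    case "$4" in
        *PKGINST:*SUNWlzas*) ;;                                # slsadmin package present
        *) echo "no-slsadmin"; return 0 ;;                     # assumption: no script
    esac
    if [ "$(patch_rev "$5")" -ge 1 ]; then echo "patched"; else echo "vulnerable"; fi
}

# Constructed sample inputs (shapes follow the command output shown in the advisory).
NET_20='Solaris (TM) PC NetLink, Version 2.0,REV=2.0.xx'
PKG_OK='   PKGINST:  SUNWlzas
   VERSION:  2.0,REV=rr24'
REV_OLD='Patch: 999999-03 Obsoletes:  Requires:  Incompatibles:  Packages: SUNWexmpl'
REV_NEW='Patch: 999999-03 Obsoletes:  Requires:  Incompatibles:  Packages: SUNWexmpl
Patch: 121332-02 Obsoletes:  Requires:  Incompatibles:  Packages: SUNWlzas'

classify sparc 5.9 "$NET_20" "$PKG_OK" "$REV_OLD"
classify sparc 5.9 "$NET_20" "$PKG_OK" "$REV_NEW"
```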
References
121332-01