Note: This is an archival copy of Security Sun Alert 200539 as previously published on http://sunsolve.sun.com. The latest version of this security advisory is available from http://support.oracle.com as Sun Alert 1000411.1.
Category: Security
Release Phase: Resolved

Sun Cobalt Qube 3 Server
Sun Cobalt RaQ XTR Server
Sun Cobalt RaQ 4 Server
Sun Cobalt RaQ 550 Server

Bug Id: 4892245
Date of Resolved Release: 13-APR-2005

Impact

The Sun Linux 5.0 file(1) utility version 3.39 and earlier contains a buffer overflow vulnerability in the Executable and Linking Format (ELF) parsing routines. This vulnerability may allow a local unprivileged user to execute arbitrary code with the privileges of the user running the file(1) command.

Note: The file(1) command is used to identify a particular file according to the type of data contained in it.

More information on this issue is available at:

Contributing Factors

This issue can occur in the following releases:

Sun Linux Platform
Sun Cobalt Appliances

The file(1) package version can be determined by running the following command:

    $ rpm -q file
    file-3.41-C1

Note: Sun Linux 5.0 is currently shipped with the Sun LX50 Server.

Symptoms

There are no predictable symptoms that would indicate the described issue has been exploited.

Workaround

To work around the described issue until patches can be applied, disable file(1) by removing executable and all other permissions from the "/usr/bin/file" file:

To remove permissions:

    $ chmod 000 /usr/bin/file

To restore permissions:

    $ chmod 755 /usr/bin/file

Resolution

This issue is addressed in the following release:

Sun Linux Platform

Sun Linux patches are available at: http://sunsolve.sun.com/patches/linux/security.html

Sun Cobalt Appliances

Patches for Qube3, RaQ4, RaQ550 and RaQXTR are available at: http://sunsolve.sun.com/cobalt

Modification History

Date: 13-APR-2005
Date: 29-AUG-2003

Attachments

This solution has no attachment
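
The version check and the chmod workaround from this advisory, combined as an added example that is not part of the original Sun Alert: shell functions that classify `rpm -q file` output against the "version 3.39 and earlier" threshold and report whether the `chmod 000` workaround is in place. The function names are hypothetical, and the comparison assumes a fixed package carries a version above 3.39.

```shell
#!/bin/sh
# Added example, not from the Sun Alert. Assumption: a fixed package
# has a version above 3.39, as the advisory's wording implies.

# Classify one line of `rpm -q file` output, e.g. "file-3.41-C1".
# Prints: vulnerable | not-vulnerable | unknown
file_pkg_status() {
    pkg=$1
    case $pkg in
        file-[0-9]*-*) ;;                  # name-version-release expected
        *) echo unknown; return 0 ;;       # e.g. "package file is not installed"
    esac
    ver=${pkg#file-}                       # "3.41-C1"
    ver=${ver%-*}                          # drop the release field -> "3.41"
    major=${ver%%.*}
    case $ver in
        *.*) rest=${ver#*.}; minor=${rest%%.*} ;;
        *)   minor=0 ;;
    esac
    case $major$minor in
        ''|*[!0-9]*) echo unknown; return 0 ;;
    esac
    if [ "$major" -lt 3 ] || { [ "$major" -eq 3 ] && [ "$minor" -le 39 ]; }; then
        echo vulnerable
    else
        echo not-vulnerable
    fi
}

# Succeeds when the path exists and carries no permission bits at all,
# i.e. the "chmod 000" workaround is currently applied.
workaround_applied() {
    [ -e "$1" ] || return 1
    perms=$(ls -ld "$1" | cut -c1-10)
    [ "$perms" = "----------" ]
}

# Report for the local host; prints status=unknown when rpm or the
# package is absent.
check_local_file_pkg() {
    out=$(rpm -q file 2>/dev/null) || out=
    status=$(file_pkg_status "$out")
    if workaround_applied /usr/bin/file; then wa=yes; else wa=no; fi
    echo "package=${out:-none} status=$status workaround=$wa"
}
```

Run `check_local_file_pkg` on each host; a result of `status=vulnerable workaround=no` marks a system that still needs the patch or the workaround.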