Note: This is an archival copy of Security Sun Alert 201326 as previously published on http://sunsolve.sun.com.
Latest version of this security advisory is available from http://support.oracle.com as Sun Alert 1001000.1.
Article ID : 1001000.1
Article Type : Sun Alerts (SURE)
Last reviewed : 2003-01-13
Audience : PUBLIC
Copyright Notice: Copyright © 2010, Oracle Corporation and/or its affiliates.

Security Vulnerability with the Solaris "/usr/lib/utmp_update" Command



Category
Security

Release Phase
Resolved

Product
Solaris 9 Operating System
Solaris 2.6 Operating System
Solaris 7 Operating System
Solaris 8 Operating System

Bug Id
4705891

Date of Resolved Release
16-JAN-2003

Impact

A local unprivileged user may be able to gain unauthorized root privileges due to a buffer overflow involving the Solaris "/usr/lib/utmp_update" command.


Contributing Factors

This issue can occur in the following releases:

SPARC

  • Solaris 2.6 without patch 113754-01
  • Solaris 7 without patch 113752-01
  • Solaris 8 without patch 113650-01
  • Solaris 9 without patch 113718-01

Intel

  • Solaris 2.6 without patch 113755-01
  • Solaris 7 without patch 113753-01
  • Solaris 8 without patch 113651-01
  • Solaris 9 without patch 113996-01

Note: Solaris 2.5.1 will not be evaluated for potential impact of the issue described in this Sun Alert document.


Symptoms

There are no predictable symptoms that would show the described issue has been exploited to gain unauthorized root access to a system.


Workaround

There is no workaround. Please see the "Resolution" section below.


Resolution

This issue is addressed in the following releases:

SPARC

  • Solaris 2.6 with patch 113754-01 or later
  • Solaris 7 with patch 113752-01 or later
  • Solaris 8 with patch 113650-01 or later
  • Solaris 9 with patch 113718-01 or later

Intel

  • Solaris 2.6 with patch 113755-01 or later
  • Solaris 7 with patch 113753-01 or later
  • Solaris 8 with patch 113651-01 or later
  • Solaris 9 with patch 113996-01 or later
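
One way to check a host against the patch lists above, added here as an example (it is not part of the Sun Alert or of Sun's tooling). It assumes the `Patch: ... Obsoletes: ... Requires: ...` line layout printed by `showrev -p`, and that `uname -r` reports 5.6 through 5.9 and `uname -p` reports sparc or i386; the function names and the sample listing are constructed.

```shell
#!/bin/sh
# Added example. Patch IDs are the ones listed in this Sun Alert.
# Uses awk -v: on Solaris put nawk or /usr/xpg4/bin/awk first in PATH.

# required_patch RELEASE ARCH: print the fixing patch for `uname -r` / `uname -p`.
required_patch() {
    case "$1/$2" in
        5.6/sparc) echo 113754-01 ;;
        5.7/sparc) echo 113752-01 ;;
        5.8/sparc) echo 113650-01 ;;
        5.9/sparc) echo 113718-01 ;;
        5.6/i386)  echo 113755-01 ;;
        5.7/i386)  echo 113753-01 ;;
        5.8/i386)  echo 113651-01 ;;
        5.9/i386)  echo 113996-01 ;;
        *) return 1 ;;
    esac
}

# patch_status RELEASE ARCH: read `showrev -p` output on stdin and print
# PATCHED, VULNERABLE, or UNKNOWN (release/arch not covered by the alert).
patch_status() {
    need=`required_patch "$1" "$2"` || { cat >/dev/null; echo UNKNOWN; return 0; }
    awk -v need="$need" '
        BEGIN { split(need, n, "-") }
        {
            key = ""
            for (i = 1; i <= NF; i++) {
                if ($i ~ /:$/) { key = $i; continue }
                # The fix counts if the patch is installed at the listed
                # revision or later, or if an installed patch obsoletes it.
                if (key != "Patch:" && key != "Obsoletes:") continue
                id = $i; sub(/,$/, "", id); split(id, p, "-")
                if (p[1] == n[1] && p[2] + 0 >= n[2] + 0) found = 1
            }
        }
        END { print (found ? "PATCHED" : "VULNERABLE") }'
}

# Constructed sample of `showrev -p` output for a Solaris 8 SPARC host.
sample_listing() {
    cat <<'EOF'
Patch: 999001-03 Obsoletes: 999002-01, 999003-02 Requires:  Incompatibles:  Packages: SUNWcsu, SUNWcsr
Patch: 113650-02 Obsoletes:  Requires:  Incompatibles:  Packages: SUNWcsu
EOF
}

# Live use on a Solaris host:
#   showrev -p | patch_status "`uname -r`" "`uname -p`"
```

A VULNERABLE result means only that the listed patch, or a patch obsoleting it, does not appear in the listing supplied.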


References

113754-01
113752-01
113650-01
113718-01
113755-01
113753-01
113651-01
113996-01
