Category
Security
Release Phase
Resolved
ProductSolaris 9 Operating System
Solaris 2.6 Operating System
Solaris 7 Operating System
Solaris 8 Operating System
Bug Id
4659277
Date of Resolved Release05-JUN-2003
Impact
A local unprivileged user may be able to gain unauthorized root privileges due to a buffer overflow involving the Solaris "/usr/lib/utmp_update" command.
Contributing Factors
This issue can occur in the following releases:
SPARC Platform
-
Solaris 2.6 without patch 113754-02
-
Solaris 7 without patch 113752-02
-
Solaris 8 without patch 113650-02
-
Solaris 9 without patch 113718-02
x86 Platform
-
Solaris 2.6 without patch 113755-02
-
Solaris 7 without patch 113753-02
-
Solaris 8 without patch 113651-02
-
Solaris 9 without patch 113996-02
Symptoms
There are no predictable symptoms that would show the described issue has been exploited to gain unauthorized root access to a system.
Workaround
There is no workaround. Please see the "Resolution" section below.
Resolution
This issue is addressed in the following releases:
SPARC Platform
-
Solaris 2.6 with patch 113754-02 or later
-
Solaris 7 with patch 113752-02 or later
-
Solaris 8 with patch 113650-02 or later
-
Solaris 9 with patch 113718-02 or later
x86 Platform
-
Solaris 2.6 with patch 113755-02 or later
-
Solaris 7 with patch 113753-02 or later
-
Solaris 8 with patch 113651-02 or later
-
Solaris 9 with patch 113996-02 or later
Modification History
References
113754-02
AttachmentsThis solution has no attachment