Note: This is an archival copy of Security Sun Alert 201636 as previously published on http://sunsolve.sun.com.
Latest version of this security advisory is available from http://support.oracle.com as Sun Alert 1001223.1.
Article ID : 1001223.1
Article Type : Sun Alerts (SURE)
Last reviewed : 2003-12-09
Audience : PUBLIC
Copyright Notice: Copyright © 2010, Oracle Corporation and/or its affiliates.

Security Vulnerability Involving the passwd(1) Command



Category
Security

Release Phase
Resolved

Product
Solaris 9 Operating System
Solaris 8 Operating System

Bug Id
4793719

Date of Resolved Release
26-FEB-2004

Impact

A local unprivileged user may be able to gain unauthorized root privileges due to a security issue involving the passwd(1) command.

Sun acknowledges, with thanks, Tim Wort of Inkling Research Inc. for contacting us regarding this issue.


Contributing Factors

This issue can occur in the following releases:

SPARC Platform

  • Solaris 8 with patch 108993-14 through 108993-31 and without patch 108993-32
  • Solaris 9 without patch 113476-11

x86 Platform

  • Solaris 8 with patch 108994-14 through 108994-31 and without patch 108994-32
  • Solaris 9 without patch 114242-07

Note: Solaris 7 is not affected by this issue.


Symptoms

There are no reliable symptoms that would indicate the described issue has been exploited to gain unauthorized elevated privileges on a host.


Workaround

There is no workaround for this issue.


Resolution

This issue is addressed in the following releases:

SPARC Platform

  • Solaris 8 with patch 108993-32 or later
  • Solaris 9 with patch 113476-11 or later

x86 Platform

  • Solaris 8 with patch 108994-32 or later
  • Solaris 9 with patch 114242-07 or later
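
The patch criteria under Contributing Factors and Resolution can be checked mechanically. The script below is an added example, not part of the original Sun Alert and not Sun's code; the function names, the status strings and the sample input are assumptions made for illustration. It only looks at the four patch IDs named in this alert, as reported by `showrev -p`.

```shell
#!/bin/sh
# Added example, not Sun's code. Needs a POSIX shell: on Solaris 8/9 run it
# with /usr/xpg4/bin/sh or ksh rather than the legacy /bin/sh.

# Print the highest installed revision of patch base $1 found in
# `showrev -p` text on stdin, or -1 when the patch is not installed.
highest_rev() {
    max=-1
    while read -r tag id rest; do
        [ "$tag" = "Patch:" ] || continue
        [ "${id%-*}" = "$1" ] || continue
        r=${id##*-}; r=${r#0}                 # "07" -> "7"
        case $r in ''|*[!0-9]*) continue ;; esac
        if [ "$r" -gt "$max" ]; then max=$r; fi
    done
    echo "$max"
}

# $1 = `uname -r` (5.8, 5.9), $2 = `uname -p` (sparc, i386), stdin = showrev -p.
# Solaris 8 is affected only from revision 14 up to the fix; Solaris 9 is
# affected at any level below the fix, including with no patch installed.
check_alert_201636() {
    case "$1/$2" in
        5.8/sparc) base=108993 first=14 fixed=32 ;;
        5.8/i386)  base=108994 first=14 fixed=32 ;;
        5.9/sparc) base=113476 first=-1 fixed=11 ;;
        5.9/i386)  base=114242 first=-1 fixed=7 ;;
        5.7/*)     echo NOT_AFFECTED; return 0 ;;   # Solaris 7: not affected
        *)         echo NOT_LISTED; return 0 ;;     # release not in this alert
    esac
    rev=$(highest_rev "$base")
    if [ "$rev" -ge "$fixed" ]; then echo RESOLVED
    elif [ "$rev" -ge "$first" ]; then echo AFFECTED
    else echo NOT_AFFECTED
    fi
}

# Constructed sample of `showrev -p` output (not captured from a real host;
# the package name is a placeholder).
SAMPLE='Patch: 108993-18 Obsoletes: Requires: Incompatibles: Packages: EXAMPLEpkg
Patch: 108993-31 Obsoletes: Requires: Incompatibles: Packages: EXAMPLEpkg'
printf '%s\n' "$SAMPLE" | check_alert_201636 5.8 sparc

# On a live host:
#   showrev -p | check_alert_201636 "$(uname -r)" "$(uname -p)"
```

A RESOLVED result reflects the current patch level only; as the Symptoms section states, it says nothing about whether the issue was exploited before the patch was applied.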


Modification History
Date: 08-MAR-2004
  • Updated Impact


References

108993-32
108994-32
114242-07
113476-11



