Category
Security
Release Phase
Resolved
ProductSolaris 9 Operating System
Solaris 8 Operating System
Bug Id
4793719
Date of Resolved Release26-FEB-2004
Impact
A local unprivileged user may be able to gain unauthorized root privileges due to a security issue involving the passwd(1) command.
Sun acknowledges, with thanks, Tim Wort of Inkling Research Inc. for contacting us regarding this issue.
Contributing Factors
This issue can occur in the following releases:
SPARC Platform
-
Solaris 8 with patch 108993-14 through 108993-31 and without patch 108993-32
-
Solaris 9 without patch 113476-11
x86 Platform
-
Solaris 8 with patch 108994-14 through 108994-31 and without patch 108994-32
-
Solaris 9 without patch 114242-07
Note: Solaris 7 is not affected by this issue.
Symptoms
There are no reliable symptoms that would show the described issue has been exploited to gain unauthorized elevated privileges to a host.
Workaround
There is no workaround for this issue.
Resolution
This issue is addressed in the following releases:
SPARC Platform
-
Solaris 8 with patch 108993-32 or later
-
Solaris 9 with patch 113476-11 or later
x86 Platform
-
Solaris 8 with patch 108994-32 or later
-
Solaris 9 with patch 114242-07 or later
Modification History
Date: 08-MAR-2004
References
108993-32
108994-32
114242-07
113476-11
AttachmentsThis solution has no attachment