Category
Security
Release Phase
Resolved
ProductSolaris 8 Operating System
Bug Id
4646306
Date of Resolved Release19-JAN-2005
Impact
A security vulnerability in the DHCP administration utilities dhcpconfig(1M), pntadm(1M), and dhcpmgr(1M) may allow an unprivileged local user the ability to execute arbitrary code with the privileges of root.
Contributing Factors
This issue can occur in the following releases:
SPARC Platform
-
Solaris 8 with patch 109077-02 through 109077-08 and without patch 109077-09
x86 Platform
-
Solaris 8 with patch 109078-02 through 109078-08 and without patch 109078-09
Note: Solaris 7 and Solaris 9 are not affected by this issue.
A system is only vulnerable to this issue if the DHCP server packages have been installed.
To determine if the DHCP server packages have been installed, the following command can be run:
$ pkginfo SUNWdhcm SUNWdhcsu
Symptoms
There are no predictable symptoms that would indicate the described issue has occurred.
Workaround
To work around the described issue, edit each of the following files:
/usr/lib/inet/dhcp/svcadm/pntadm
/usr/lib/inet/dhcp/svcadm/dhcpconfig
/usr/sadm/admin/bin/dhcpmgr
and modify the following line:
From:
LD_LIBRARY_PATH=${LD_LIBRARY_PATH}:${WBEMDIR}
To:
LD_LIBRARY_PATH=${WBEMDIR}
Resolution
This issue is addressed in the following releases:
SPARC Platform
-
Solaris 8 with patch 109077-09 or later
x86 Platform
-
Solaris 8 with patch 109078-09 or later
Modification History
References
109077-09
109078-09
AttachmentsThis solution has no attachment