Note: This is an archival copy of Security Sun Alert 201754 as previously published on http://sunsolve.sun.com. Latest version of this security advisory is available from http://support.oracle.com as Sun Alert 1001294.1. |
Category Security Release Phase Resolved Solaris 9 Operating System Solaris 10 Operating System Solaris 8 Operating System Bug Id 6487273, 6487284 Date of Workaround Release 12-DEC-2006 Date of Resolved Release 31-JAN-2007 Impact Two security vulnerabilities in Solaris ld.so.1(1) may allow a local unprivileged user to execute arbitrary code with elevated privileges. Sun acknowledges with thanks, iDefense (http://www.idefense.com), for bringing these issues to our attention. More information regarding these issues is available from the following iDefense advisories: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=449 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=450 Contributing Factors These issues can occur in the following releases: SPARC Platform
x86 Platform
Symptoms There are no predictable symptoms that would indicate these issues have been exploited. Workaround There is no workaround for these issues. Please see the Resolution section below. Resolution These issues are addressed in the following releases: SPARC Platform
x86 Platform
Modification History Date: 31-JAN-2007 31-Jan-2007:
References124922-01124923-01 109147-42 112963-27 109148-41 109148-41 Attachments This solution has no attachment |
|