Category
Security
Release Phase
Resolved
ProductSolaris 2.6 Operating System
Solaris 7 Operating System
Solaris 8 Operating System
Bug Id
4397459
Date of Resolved Release10-DEC-2003
Impact
Unprivileged local users may be able to overwrite or create any file on the system if "root" uses the text editor ed(1).
Contributing Factors
This issue can occur in the following releases:
SPARC Platform
-
Solaris 2.6 without patch 115563-01
-
Solaris 7 without patch 115565-01
-
Solaris 8 without patch 110903-06
x86 Platform
-
Solaris 2.6 without patch 115564-01
-
Solaris 7 without patch 115566-01
-
Solaris 8 without patch 110904-06
Note: Solaris 9 is not affected by this issue.
Symptoms
There are no symptoms that would show the vulnerability in ed(1) has been exploited, as it depends on which file was overwritten or created.
Workaround
There is no workaround. Please see the "Resolution" section below.
Resolution
This issue is addressed in the following releases:
SPARC Platform
-
Solaris 2.6 with patch 115563-01 or later
-
Solaris 7 with patch 115565-01 or later
-
Solaris 8 with patch 110903-06 or later
x86 Platform
-
Solaris 2.6 with patch 115564-01 or later
-
Solaris 7 with patch 115566-01 or later
-
Solaris 8 with patch 110904-06 or later
Modification History
References
115563-01
115565-01
110903-06
115564-01
115566-01
110904-06
AttachmentsThis solution has no attachment