Category
Security
Release Phase
Resolved
Bug Id
6839596
ProductLightweight Availability Collection Tool 3.0
Date of Resolved Release02-Jul-2009
Security Vulnerability in Lightweight Availability Collection Tool ... (see below)
1. Impact
A race condition security vulnerability in the Lightweight
Availability Collection Tool may allow a local unprivileged user to
overwrite arbitrary files on the system.
Sun acknowledges with thanks, Mike Gerdts for bringing this issue to our attention.
2. Contributing Factors
This issue can occur in the following releases:
SPARC Platform
- Lightweight Availability Collection Tool 3.0 (for Solaris 7, 8, 9 and 10)
x86 Platform
- Lightweight Availability Collection Tool 3.0 (for Solaris 9 and 10)
3. Symptoms
There are no predictable symptoms that would indicate the described issue has occurred.
4. Workaround
There are no workarounds for these issue. Please see the resolution section below.
4. Resolution
This issue is addressed in the following releases:
SPARC Platform
- Lightweight Availability Collection Tool 3.1 or later (for Solaris 7, 8, 9 and 10)
x86 Platform
- Lightweight Availability Collection Tool 3.1 or later (for Solaris 9 and 10)
The latest version of Lightweight Availability Collection Tool containing the fix can be downloaded from:
http://www.sun.com/service/stb/
For more information on Security Sun Alerts, see
Attachments
This solution has no attachment