The Sun Solaris ping(1M) utility contains a flaw that may allow a malicious local user to gain unauthorized privileges. The issue is triggered when an unspecified buffer overflow condition occurs and may lead to a loss of integrity.
Classification
Location: Local Access Required
Attack Type: Input Manipulation
Impact: Loss of Integrity
Exploit: Exploit Unknown
Disclosure: OSVDB Verified
Solution
This issue is addressed in the following releases:
SPARC Platform
Solaris 7 with patch 118313-01 or later
Solaris 8 with patch 116986-02 or later
Solaris 9 with patch 116774-03 or later
x86 Platform
Solaris 7 with patch 118314-01 or later
Solaris 8 with patch 116987-02 or later
Solaris 9 with patch 116775-03 or later
It is also possible to correct the flaw by implementing the following workaround(s):
1. Remove the "set-user-ID" bit from the ping(1M) utility. This will prevent unprivileged users from using the ping(1M) command.
2. Enable non-executable program stacks. This will prevent the buffer overflow condition from occurring.
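The patch levels and the two workarounds above can be checked on a host with a short script. This is an added example, not part of the original advisory: the patch IDs come from the list above, while the path /usr/sbin/ping, the /etc/system file and the noexec_user_stack setting are assumptions the advisory does not state.

```sh
#!/bin/sh
# Added example. Patch IDs are from the advisory above; /usr/sbin/ping,
# /etc/system and noexec_user_stack are assumptions not stated on the page.
# Needs a POSIX shell (on Solaris 7-9: /usr/xpg4/bin/sh or ksh, not /bin/sh).

# required_patch <uname -p> <uname -r>: minimum fixing patch from the advisory.
required_patch() {
    case "$1:$2" in
        sparc:5.7) echo 118313-01 ;;
        sparc:5.8) echo 116986-02 ;;
        sparc:5.9) echo 116774-03 ;;
        i386:5.7)  echo 118314-01 ;;
        i386:5.8)  echo 116987-02 ;;
        i386:5.9)  echo 116775-03 ;;
        *) return 1 ;;
    esac
}

# patch_met <id-rev>: reads `showrev -p` output on stdin; succeeds if the same
# patch ID is installed at the required revision or later.
patch_met() {
    req_id=${1%-*}; req_rev=${1#*-}
    while read -r tag patch rest; do
        [ "$tag" = "Patch:" ] || continue
        [ "${patch%-*}" = "$req_id" ] && [ "${patch#*-}" -ge "$req_rev" ] && return 0
    done
    return 1
}

# Workaround 1: succeeds if the file exists and has no set-user-ID bit.
setuid_cleared() { [ -f "$1" ] && [ ! -u "$1" ]; }

# Workaround 2: succeeds if an uncommented "set noexec_user_stack=1" is present.
noexec_stack_set() {
    grep -E '^[[:space:]]*set[[:space:]]+noexec_user_stack[[:space:]]*=[[:space:]]*1[[:space:]]*$' "$1" >/dev/null 2>&1
}

# audit_ping: report whether this host is patched or covered by a workaround.
audit_ping() {
    need=$(required_patch "$(uname -p)" "$(uname -r)") || { echo "release not listed"; return 2; }
    if showrev -p | patch_met "$need"; then echo "patched ($need or later)"; return 0; fi
    setuid_cleared /usr/sbin/ping && { echo "workaround 1 in place"; return 0; }
    noexec_stack_set /etc/system && { echo "workaround 2 in place"; return 0; }
    echo "VULNERABLE: $need missing, no workaround"; return 1
}

if [ "${1:-}" = "--audit" ]; then audit_ping; fi
```

A matching line in /etc/system only takes effect after a reboot, so the workaround 2 check confirms the configuration, not the state of the running kernel.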