Info

Disclosure

Dec 23, 2005

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Unknown

Description

PC Netlink for Solaris SPARC 7, 8 and 9 contains a flaw that may allow a malicious local user to manipulate arbitrary files on the system. The issue is due to the '/opt/lanman/sbin/slsmgr' script creating temporary files insecurely. It is possible for a user to use a symlink style attack to manipulate arbitrary files, resulting in a loss of integrity.

Classification

Location: Local Access Required
Attack Type: Race Condition
Impact: Loss of Integrity
Exploit: Exploit Unknown
Disclosure: OSVDB Verified

Solution

Currently, there are no known workarounds or upgrades to correct this issue. However, Sun has released a patch to address this vulnerability. Users of Solaris 7, 8 and 9 on SPARC platforms should apply patch 121209-01 or later. Solaris 10 and Solaris on x86 platforms are not affected.

Products

Sun Microsystems, Inc.

PC Netlink

2.0

References

Security Tracker: 1015408
Bugtraq ID: 16059
Secunia Advisory ID: 18230
SCIP VulDB ID: 1936
CVE ID: 2005-4552 (see also: NVD)
Related OSVDB ID: 22044
VUPEN Advisory: ADV-2005-3083
Keyword: BugIDs: 6215629
Vendor Specific Advisory URL: http://sunsolve.sun.com/searchproxy/document.do?assetkey=1-26-102122-1
Other Advisory URL: http://www.securiteam.com/unixfocus/6D00N2AEUA.html
Vendor URL: http://www.sun.com/products/interoperability/netlink/

Credit

Sun Microsystems, Inc. - Sun Microsystems, Inc.

Direct URL: http://osvdb.org/22045