[Solaris_fr] Sun Alert ID: 102066

Mon, 16 Jan 2006 08:35:02 -0800 

Hmmmmm.... Il n'y a aucune mention sur l'origine de la vulnerabilite.

http://sunsolve.sun.com/search/document.do?assetkey=1-26-102066-1

Description     Top
Sun(sm) Alert Notification

    * Sun Alert ID: 102066
    * Synopsis: Security Vulnerability May Allow An Unprivileged Local User to
Gain Root Access or Panic the OS
    * Category: Security
    *
      Product: Solaris 9 Operating System, Solaris 10 Operating System
    * BugIDs: 6293270
    * Avoidance: Patch
    * State: Resolved
    * Date Released: 11-Jan-2006
    * Date Closed: 11-Jan-2006
    * Date Modified:

1. Impact

On Solaris 10 x86 systems, or on Solaris 9 x86 systems with patch 112234-11 or
112234-12 or patch 117172-16 (or later) installed, a local unprivileged user may
have the ability to gain root access or panic the Solaris operating system.
2. Contributing Factors

The issue can occur in the following releases:

x86 Platform

    * Solaris 9 with patch 112234-11, 112234-12 or 117172-16 or later and
without patch 118559-19
    * Solaris 10 without patch 118844-24

Note: Solaris 8 is not affected by this issue. Solaris on the SPARC platform is
not affected by this issue.
3. Symptoms

There are no predictable symptoms that would indicate this issue has been
exploited to gain root access. The unprivileged user may cause Solaris to panic
(with a corresponding stack trace that includes functions from the mm(5) 
driver).

Solution Summary        Top
4. Relief/Workaround

There is no workaround to this issue. Please see the Resolution section below.

5. Resolution

This issue is addressed in the following releases:

x86 Platform

    * Solaris 9 with patch 118559-19 or later
    * Solaris 10 with patch 118844-24 or later


-- 
 ---------------------------------------------------------------
 Jose Marcio MARTINS DA CRUZ           Tel. :(33) 01.40.51.93.41
 Ecole des Mines de Paris              http://j-chkmail.ensmp.fr
 60, bd Saint Michel                http://www.ensmp.fr/~martins
 75272 - PARIS CEDEX 06      mailto:[EMAIL PROTECTED]


_______________________________________________
Solaris_fr liste de diffusion en français pour Solaris, sur toutes architectures
Solaris_fr@x86.sun.com
http://x86.sun.com/mailman/listinfo/solaris_fr

Répondre à