CERTA-2003-AVI-127
Vulnerability from certfr_avis - Published: - Updated:
A vulnerability in the dynamic linker on Solaris allows a malicious local user of the system to obtain superuser privileges.
Description
The dynamic linker (ld.so.1) allows executables to use dynamic libraries. The LD_PRELOAD variable, which contains the paths to these libraries, enables the libraries to be loaded.
A malicious user can, by running a "setuid root" program, trigger a stack overflow through the LD_PRELOAD variable and obtain superuser (root) rights.
Solution
Apply the patch corresponding to your platform (see the documentation section).
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Solaris 7 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "Solaris 8 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "Solaris 9.",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "Solaris 2.6 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Description\n\nL\u0027\u00e9diteur de liens dynamiques (ld.so.1) permet \u00e0 des \u00e9xecutables\nd\u0027utiliser des librairies dynamiques. La variable LD_PRELOAD, qui\ncontient les chemins d\u0027acc\u00e8s \u00e0 ces librairies, permet le chargement des\nbiblioth\u00e8ques.\n\nUn utilisateur mal intentionn\u00e9 peut, en ex\u00e9cutant un programme \u00ab setuid\nroot \u00bb, provoquer un d\u00e9bordement de pile, par le biais de la variable\nLD_PRELOAD et obtenir les droits du super-utilisateur (root).\n\n## Solution\n\nAppliquer le correctif correspondant \u00e0 votre plate-forme (cf. section\ndocumentation).\n",
"cves": [],
"links": [
{
"title": "Avis de s\u00e9curit\u00e9 Sun :",
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/55680"
},
{
"title": "Correctifs de Sun :",
"url": "http://sunsolve.sun.com/securitypatch"
}
],
"reference": "CERTA-2003-AVI-127",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2003-07-31T00:00:00.000000"
},
{
"description": "ajout de l\u0027avis Sun et de la r\u00e9f\u00e9rence CVE.",
"revision_date": "2003-08-01T00:00:00.000000"
}
],
"risks": [
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "Une vuln\u00e9rabilit\u00e9 pr\u00e9sente sur l\u0027\u00e9diteur de liens dynamiques sous\nSolaris permet \u00e0 un utilisateur local mal intentionn\u00e9 du syst\u00e8me\nd\u0027obtenir les privil\u00e8ges du super-utilisateur.\n",
"title": "Vuln\u00e9rabilit\u00e9 dans l\u0027\u00e9diteur de liens dynamiques sur Solaris",
"vendor_advisories": [
{
"published_at": null,
"title": "Avis de s\u00e9curit\u00e9 de iDefense",
"url": "http://www.idefense.com/advisory/07.29.03.txt"
}
]
}