CERTA-2004-AVI-069
Vulnerability from certfr_avis - Published: - Updated:None
Description
Une vulnérabilité sur la commande passwd permet à un utilisateur local mal intentionné d'obtenir les privilèges du super utilisateur (root).
Solution
Appliquer le correctif, correspondant à votre système d'exploitation et votre architecture, disponible sur le site de SUN (cf. section documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | |
|---|---|---|---|
|
|
|||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Solaris 8 sur architecture Sparc avec les correctifs 108993-14 \u00e0 108993-31 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "Solaris 8 sur architecture x86 avec les correctifs 108994-14 \u00e0 108994-31 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "Solaris 9 sur architecture Sparc et x86.",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Description\n\nUne vuln\u00e9rabilit\u00e9 sur la commande passwd permet \u00e0 un utilisateur local\nmal intentionn\u00e9 d\u0027obtenir les privil\u00e8ges du super utilisateur (root).\n\n## Solution\n\nAppliquer le correctif, correspondant \u00e0 votre syst\u00e8me d\u0027exploitation et\nvotre architecture, disponible sur le site de SUN (cf. section\ndocumentation).\n",
"cves": [],
"links": [
{
"title": "Correctif 114242-07 pour Solaris 9 sur architecture x86 :",
"url": "http://www.sunsolve.sun.com/pub-cgi/findPatch.pl?PatchId=114242\u0026rev=07"
},
{
"title": "Correctif 113476-11 pour Solaris 9 sur architecture Sparc :",
"url": "http://www.sunsolve.sun.com/pub-cgi/findPatch.pl?PatchId=113476\u0026rev=11"
},
{
"title": "Avis de s\u00e9curit\u00e9 O-088 du CIAC :",
"url": "http://www.ciac.org/ciac/bulletins/o-088.shtml"
},
{
"title": "Avis de s\u00e9curit\u00e9 57454 de SUN :",
"url": "http://www.sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F57454\u0026zone_32=category%3Asecurity"
},
{
"title": "Correctif 108994-32 pour Solaris 8 sur architecture x86 :",
"url": "http://www.sunsolve.sun.com/pub-cgi/findPatch.pl?PatchId=108994\u0026rev=32"
},
{
"title": "Correctif 108993-32 pour Solaris 8 sur architecture Sparc :",
"url": "http://www.sunsolve.sun.com/pub-cgi/findPatch.pl?PatchId=108993\u0026rev=32"
}
],
"reference": "CERTA-2004-AVI-069",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2004-03-08T00:00:00.000000"
}
],
"risks": [
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": null,
"title": "Vuln\u00e9rabilit\u00e9 de la commande passwd sur Sun",
"vendor_advisories": [
{
"published_at": null,
"title": "Buletin de s\u00e9curit\u00e9 57454 de SUN",
"url": null
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…