PT-2006-5240 · Sun · Sun Solaris 10

Publicado

2006-08-29

Atualizado

2017-10-11

CVE-2006-4439

CVSS v2.0

3.6

Baixa

Vetor

AV:L/AC:L/Au:N/C:P/I:P/A:N

Name of the Vulnerable Software and Affected Versions Sun Solaris 10 versions prior to 20060825

Description The issue allows local users to modify arbitrary files or directories due to insecure file and directory permissions. This occurs when the pkgmap file contains a ? (question mark) in the mode field, resulting in files being installed with permissions of 755 or 777.

Recommendations For Sun Solaris 10 versions prior to 20060825, ensure that the pkgmap file does not contain a ? (question mark) in the mode field to prevent insecure file and directory permissions. As a temporary workaround, consider manually adjusting the permissions of installed files and directories to prevent unauthorized access.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2006-4439

Produtos afetados

Sun Solaris 10

PT-2006-5240 · Sun · Sun Solaris 10

CVE-2006-4439

Identificadores relacionados

Produtos afetados

Referências · 10