CVE-2007-6505

Name of the Vulnerable Software and Affected Versions Sun Solaris version 9

Description The issue allows attackers to avoid detection and makes it more difficult to conduct forensics activities by generating audit records with an audit-ID of 0, even when a non-root user logs into ssh. This occurs when Solaris Auditing is enabled and certain patches for sshd are installed.

Recommendations For Sun Solaris version 9, consider disabling the Solaris Auditing feature or removing the installed sshd patches as a temporary workaround to prevent the generation of audit records with an audit-ID of 0 for non-root users. However, at the moment, there is no information about a newer version that contains a fix for this issue.