PT-2009-3751 · Sun · Opensolaris+1
Publicado
2009-04-01
·
Atualizado
2017-09-29
·
CVE-2009-1207
CVSS v2.0
4.4
Média
| Vetor | AV:L/AC:M/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
Sun Solaris versions 8 through 10
OpenSolaris versions snv 01 through snv 111
Description
A race condition issue exists in the dircmp script, potentially allowing local users to overwrite arbitrary files. This could involve a symlink attack on temporary files.
Recommendations
For Sun Solaris versions 8 through 10, consider disabling the dircmp script until a patch is available.
For OpenSolaris versions snv 01 through snv 111, restrict access to the dircmp script to minimize the risk of exploitation.
Correção
Race Condition
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Opensolaris
Sun Solaris