CVE-2003-1575

Name of the Vulnerable Software and Affected Versions VERITAS File System (VxFS) versions 3.3.3, 3.4, and 3.5 before MP1 Rolling Patch 02 for Sun Solaris 2.5.1 through 9

Description The issue is related to the improper implementation of inheritance of default ACLs in certain circumstances related to the characteristics of a directory inode. This allows local users to bypass intended file permissions by accessing a file on a VxFS filesystem.

Recommendations For VERITAS File System (VxFS) versions 3.3.3, 3.4, and 3.5, apply MP1 Rolling Patch 02 to resolve the issue.