PT-2009-3729 · Sun · Opensolaris

Published

2009-03-30

Updated

2017-08-17

CVE-2009-1170

CVSS v2.0

6.9

Medium

Vector

AV:L/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Sun OpenSolaris versions snv 100 through snv 101

Description The issue allows local users with privileges in a non-global zone to execute arbitrary code in the global zone. This can occur when a global-zone user is using mdb on a non-global zone process.

Recommendations For versions snv 100 through snv 101, consider restricting the use of mdb on non-global zone processes until a fix is available. As a temporary workaround, limit privileges for non-global zone users to minimize the risk of exploitation.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2009-1170

Affected Products

Opensolaris

PT-2009-3729 · Sun · Opensolaris

CVE-2009-1170

Related Identifiers

Affected Products

References · 6