CVE-2011-0412

Name of the Vulnerable Software and Affected Versions Oracle Solaris versions 8, 9, and 10

Description The issue allows local users to obtain password hashes and conduct brute force password guessing attacks due to the storage of back-out patch files (undo.Z) unencrypted with world-readable permissions under /var/sadm/pkg/.

Recommendations For Oracle Solaris versions 8, 9, and 10, consider restricting access to the /var/sadm/pkg/ directory to minimize the risk of exploitation. As a temporary workaround, restrict read permissions on the undo.Z files to prevent unauthorized access until a more permanent solution is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.