TECHNICAL BULLETIN
T-230: Solaris Heap Overflow Vulnerability in w(1) Utility
September 14, 2009 14:00 GMT
PROBLEM:
A vulnerability was reported in Solaris. A local user can obtain root privileges on the target system.

PLATFORM:
Solaris 8 Operating System
Solaris 9 Operating System
Solaris 10 Operating System
OpenSolaris

ABSTRACT:
A heap overflow vulnerability in the w(1) utility may allow a local unprivileged user to execute arbitrary code with root privileges.

IMPACT ASSESSMENT:
This risk is medium. A local user can trigger a heap overflow in the w(1) utility to execute arbitrary code on the target system with root privileges.

Discussion:
A heap overflow vulnerability in the w(1) utility may allow a local unprivileged user to execute arbitrary code with root privileges.
This issue can occur in the following releases:
SPARC Platform
* Solaris 8
* Solaris 9 without patch 113718-04
* Solaris 10 without patch 142286-01
* OpenSolaris based upon builds snv_01 through snv_123
x86 Platform
* Solaris 8
* Solaris 9 without patch 113996-05
* Solaris 10 without patch 142285-01
* OpenSolaris based upon builds snv_01 through snv_123
There are no predictable symptoms to indicate that this issue has been exploited to execute arbitrary code with root privileges.
There is no workaround for this issue. Please see the solution section below.
Solution:
This issue is addressed in the following releases:
SPARC Platform
* Solaris 9 with patch 113718-04 or later
* Solaris 10 with patch 142286-01 or later
* OpenSolaris based upon builds snv_124 or later
x86 Platform
* Solaris 9 with patch 113996-05 or later
* Solaris 10 with patch 142285-01 or later
* OpenSolaris based upon builds snv_124 or later
A final resolution is pending completion for Solaris 8.
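The patch revisions listed above can be turned into a host check. The script below is an added example and is not part of the DOE-CIRC bulletin or of Sun's own tooling: it reads `showrev -p` output from standard input, finds the highest installed revision of the patch base id that the bulletin names for the host's release and architecture, and reports fixed, vulnerable or unknown. It assumes `showrev -p` prints one line per installed patch beginning "Patch: <base>-<rev>"; the sample output embedded in the script is constructed for illustration and is not real host output.

```shell
#!/bin/sh
# Added example, not part of the DOE-CIRC bulletin: decide from `showrev -p`
# output whether a Solaris host carries the w(1) fix, using the minimum patch
# revisions listed in the bulletin. Assumption: showrev -p prints one line per
# installed patch beginning "Patch: <base>-<rev>". Sample output below is
# constructed for illustration.

# Minimum fixed patch revision for a (release, architecture) pair, per the bulletin.
# Solaris 8 has no fix listed, so it falls through to "unknown".
required_patch() {
    case "$1/$2" in
        9/sparc)  echo 113718-04 ;;
        10/sparc) echo 142286-01 ;;
        9/i386)   echo 113996-05 ;;
        10/i386)  echo 142285-01 ;;
        *)        return 1 ;;
    esac
}

# Highest installed revision of patch base id $1, read from showrev -p output
# on stdin; prints nothing when the patch is absent. Revisions are compared
# numerically, so a newer revision of the same base id also counts as fixed.
installed_rev() {
    awk -v base="$1" -v max=0 '
        $1 == "Patch:" {
            split($2, p, "-")
            if (p[1] == base && (p[2] + 0) > max) max = p[2] + 0
        }
        END { if (max > 0) printf "%d\n", max }'
}

# Usage: w_patch_status <release> <sparc|i386> < showrev_output
# Prints fixed / vulnerable / unknown; exit status 0 / 1 / 2.
w_patch_status() {
    req=$(required_patch "$1" "$2") || { echo unknown; return 2; }
    base=${req%-*}
    # Strip leading zeros so the shell compares "04" as decimal 4, not octal.
    minrev=$(printf '%s' "${req#*-}" | sed 's/^0*//')
    [ -n "$minrev" ] || minrev=0
    have=$(installed_rev "$base")
    if [ -n "$have" ] && [ "$have" -ge "$minrev" ]; then
        echo fixed; return 0
    fi
    echo vulnerable; return 1
}

# Constructed samples (not real host output): a Solaris 9 SPARC host with an
# older revision of 113718, and a Solaris 10 SPARC host with 142286-01 applied.
SAMPLE_SOL9_OLD='Patch: 113718-03 Obsoletes:  Requires:  Incompatibles:  Packages: SUNWcsu'
SAMPLE_SOL10_FIXED='Patch: 142286-01 Obsoletes:  Requires:  Incompatibles:  Packages: SUNWcsu'

# Demonstration on the constructed samples. On a live host run:
#   showrev -p | w_patch_status 10 sparc
printf '%s\n' "$SAMPLE_SOL9_OLD"    | w_patch_status 9 sparc  || :
printf '%s\n' "$SAMPLE_SOL10_FIXED" | w_patch_status 10 sparc || :
```

Because the bulletin names only the x86 and SPARC Solaris 9 and 10 patches, any other release (including Solaris 8, for which no fix is listed) is reported as unknown rather than fixed; OpenSolaris hosts should be checked by build number (snv_124 or later) instead of by patch id.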
DOE-CIRC services are available to DOE, DOE Contractors, and the NIH.
DOE-CIRC can be contacted at:
Voice: 866-941-2472
E-mail: doecirc@doecirc.energy.gov
World Wide Web: http://www.doecirc.energy.gov
UCRL-MI-119788