Sun Alert 262088 Security Vulnerability in the Solaris auditconfig(3M) Command May Allow Users With an Associated RBAC Profile to Gain Elevated Privileges

Product: Solaris 8 Operating System Solaris 9 Operating System Solaris 10 Operating System OpenSolaris

A security vulnerability in the Solaris auditconfig(1M) command may allow a local user who has been assigned an RBAC execution profile which specifies additional privileges for auditconfig(1M) such as the "Audit Control" profile, to execute arbitrary commands with the privileges specified in the RBAC profile.

State: Resolved
First released: 25-Jun-2009
Comments:

Post a Comment:
Comments are closed for this entry.
About

This blog provides security vulnerability fix notifications relevant to third party software components distributed and supported as part of Oracle Products.
Summarized version of this blog is available as a mapping of CVEs and solutions.

Search

Archives
« April 2014
SunMonTueWedThuFriSat
  
2
3
4
5
6
7
8
9
10
11
12
13
14
16
18
19
20
21
22
23
24
25
26
27
28
29
30
   
       
Today