The Third Party Vulnerability Resolution Blog covers CVEs and patches in Systems product suite.

Sun Alert 103029 Two Security Vulnerabilities in Solaris 8 Role Based Access Control (rbac(5)) may Allow Unauthorized Remote Access

Guest Author
Product: Solaris 8 Operating System

Two security vulnerabilities in the Solaris 8 Role Based Access Control (RBAC) mechanism on hosts on which RBAC roles (see rbac(5)) have been created may allow a remote user who knows the passwords for certain roles to gain unauthorized access to the system via the role accounts. If the root user has been assigned a role, a remote user who knows the password for that role may gain unauthorized root privileges on the system.

Avoidance: Patch, Workaround
State: Resolved
First released: 16-Aug-2007

Be the first to comment

Comments ( 0 )
Please enter your name.Please provide a valid email address.Please enter a comment.CAPTCHA challenge response provided was incorrect. Please try again.