The Third Party Vulnerability Resolution Blog covers CVEs and patches in Systems product suite.

Sun Alert 103061 Security Vulnerability in Solaris Named Pipes (pipe(2)) May Allow Unauthorized Data Access

Guest Author
Product: Solaris 9 Operating System, Solaris 10 Operating System, Solaris 8 Operating System

A security vulnerability in the Solaris Named Pipes (pipe(2)) may allow a local unprivileged user to gain access to unauthorized memory locations. This may allow a local unprivileged user to read potentially sensitive data in the kernel's memory layout or in the memory layouts of other processes running on the system.

Additional information on Solaris Named Pipes (pipe(2)) is available at:

Sun acknowledges, with thanks, an anonymous researcher working with the VeriSign iDefense VCP.

Avoidance: Patch
State: Resolved
First released: 02-Oct-2007

Be the first to comment

Comments ( 0 )
Please enter your name.Please provide a valid email address.Please enter a comment.CAPTCHA challenge response provided was incorrect. Please try again.