Solaris iSCSI Management Commands Let Local Users Gain Elevated Privileges
|
|
SecurityTracker Alert ID: 1022924 |
|
SecurityTracker URL: http://securitytracker.com/id/1022924
|
|
CVE Reference:
GENERIC-MAP-NOMATCH
(Links to External Site)
|
Date: Sep 22 2009
|
Impact:
Execution of arbitrary code via local system, User access via local system
|
Fix Available: Yes Vendor Confirmed: Yes
|
Version(s): 10, OpenSolaris
|
Description:
A vulnerability was reported in Solaris. A local user can obtain elevated privileges on the target system.
A local user that has been assigned an RBAC execution profile which specifies additional privileges for the iscsiadm(1M) or iscsitadm(1M) commands (e.g., the "File System Management" profile) can execute arbitrary commands with the privileges specified in the RBAC profile.
|
Impact:
A local user can obtain elevated privileges on the target system in certain configurations.
|
Solution:
The vendor has issued a fix.
SPARC Platform
* Solaris 10 with patch 119090-33 or later
* OpenSolaris based upon builds snv_110 or later
x86 Platform
* Solaris 10 with patch 119091-34 or later
* OpenSolaris based upon builds snv_110 or later
The vendor's advisory is available at:
http://sunsolve.sun.com/search/document.do?assetkey=1-66-261849-1
|
Vendor URL: sunsolve.sun.com/search/document.do?assetkey=1-66-261849-1 (Links to External Site)
|
Cause:
Access control error
|
Underlying OS:
|
|
Message History:
None.
|
Source Message Contents
|
Date: Tue, 22 Sep 2009 07:02:43 -0400
Subject: http://sunsolve.sun.com/search/document.do?assetkey=1-66-261849-1
|
261849
Title: A Security Vulnerability in the Solaris iSCSI Management Commands (iscsiadm(1M) and iscsitadm(1M)) may Allow Privilege Escalation
|
|
