Vulnerability Note VU#694782

Sun Solaris passwd command allows for privilege escalation

Original Release date: 05 Mar 2004 | Last revised: 05 Mar 2004

Overview

Sun Solaris contains a vulnerability in the passwd(1) command which could allow for privilege escalation.

Description

The passwd command is used to update a user's authentication token(s). Sun Security Alert ID: 57454 identifies an unspecified vulnerability in this command. This vulnerability could allow a local unprivileged user to gain root privileges.

Impact

A local unprivileged user may gain root privileges.

Solution

Apply Patch

According to Sun Microsystems, this issue is resolved in the following releases:

    SPARC Platform

    Solaris 8 with patch 108993-32 or later
    Solaris 9 with patch 113476-11 or later

    x86 Platform

    Solaris 8 with patch 108994-32 or later
    Solaris 9 with patch 114242-07 or later
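
To check a host against the patch levels listed above, here is an added example (not from Sun or from the original note) that compares installed patch revisions with those minimums. It assumes `showrev -p` lines of the form `Patch: <id>-<rev> ...`, `uname -r` values 5.8 and 5.9 for Solaris 8 and 9, and `uname -p` values sparc and i386; the function names are hypothetical.

```shell
#!/bin/sh
# Added example: compare installed patch revisions with the fixed levels in VU#694782.
# Assumes a POSIX shell (e.g. ksh) and `showrev -p` lines of the form "Patch: <id>-<rev> ...".

# Map `uname -r` / `uname -p` values to "<patch id> <minimum revision>" from the advisory.
required_patch() {
    case "$1/$2" in
        5.8/sparc) echo "108993 32" ;;
        5.9/sparc) echo "113476 11" ;;
        5.8/i386)  echo "108994 32" ;;
        5.9/i386)  echo "114242 7" ;;
        *)         return 1 ;;
    esac
}

# Read showrev-style lines on stdin; print the highest revision of patch $1, or -1.
installed_rev() {
    max=-1
    while read -r tag patch rest; do
        [ "$tag" = "Patch:" ] || continue
        case "$patch" in "$1"-*) ;; *) continue ;; esac
        rev=${patch##*-}; rev=${rev#0}            # "07" -> "7" for numeric compare
        case "$rev" in ''|*[!0-9]*) continue ;; esac
        if [ "$rev" -gt "$max" ]; then max=$rev; fi
    done
    echo "$max"
}

# check_host RELEASE ARCH < patch-list; exit 0 patched, 1 vulnerable, 2 not in advisory.
check_host() {
    req=$(required_patch "$1" "$2") || { echo "NOT_LISTED: $1/$2"; return 2; }
    id=${req% *}; min=${req#* }
    have=$(installed_rev "$id")
    if [ "$have" -ge "$min" ]; then
        printf 'PATCHED %s-%02d\n' "$id" "$have"; return 0
    fi
    found=none
    if [ "$have" -ge 0 ]; then found=$(printf '%s-%02d' "$id" "$have"); fi
    printf 'VULNERABLE: need %s-%02d or later, found %s\n' "$id" "$min" "$found"
    return 1
}

if [ "$(uname -s)" = "SunOS" ]; then
    showrev -p | check_host "$(uname -r)" "$(uname -p)"
else
    # Constructed sample line, so the script also runs away from a Solaris host.
    printf 'Patch: 108993-31 Obsoletes:  Requires:  Incompatibles:  Packages: SUNWcsu\n' |
        check_host 5.8 sparc || :
fi
```

The check matches only the patch IDs named in this note, so a fix delivered under a different, superseding patch ID is reported as missing and needs a manual look.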

Systems Affected

Vendor                 Status    Date Notified  Date Updated
Sun Microsystems Inc.  Affected  -              05 Mar 2004
CVSS Metrics

Group          Score  Vector
Base           N/A    N/A
Temporal       N/A    N/A
Environmental  N/A    N/A

Credit

Sun Microsystems credits Tim Wort for reporting this vulnerability.

This document was written by Damon Morda.

Other Information

  • CVE IDs: Unknown
  • Date Public: 26 Feb 2004
  • Date First Published: 05 Mar 2004
  • Date Last Updated: 05 Mar 2004
  • Severity Metric: 14.06
  • Document Revision: 6
