减小字体
增大字体- ·上一篇文章:3Com IntelliJack交换机含NJ220回环拒绝服务漏洞.
- ·下一篇文章:黑客的精神态度.
Sun Solaris管理控制台认证日志机制权限提升漏洞.
受影响系统:
Sun Solaris 9.0_x86
Sun Solaris 9.0
Sun Solaris 8.0_x86
Sun Solaris 8.0
Sun Solaris 10_x86
Sun Solaris 10.0
描述:
Solaris是一款由Sun开发和维护的商业性质UNIX操作系统。
Solaris管理控制台(SMC)的日志机制和认证机制中存在安全漏洞,可能允许本地或远程非特权用户获得对Solaris系统的非授权root用户访问。
厂商补丁:
Sun已经为此发布了安全公告(Sun-Alert-102903,Sun-Alert-102902)以及相应补丁:
Sun-Alert-102903:Security Vulnerability in the Logging Mechanism for Solaris Management Console (SMC) May Lead to Escalation of Privileges
链接:http://sunsolve.sun.com/search/printfriendly.do?assetkey=1-26-102903-1
Sun-Alert-102902:Security Vulnerability in the Authentication Mechanism for Solaris Management Console (SMC) May Lead to Escalation of Privileges
链接:http://sunsolve.sun.com/search/printfriendly.do?assetkey=1-26-102902-1
