pkgadd in Sun Solaris 2.5.1 through 8 installs files setuid/setgid root if the pkgmap file contains a "?" (question mark) in the (1) mode, (2) owner, or (3) group fields, which allows malicious users to elevate privileges.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
sun sunos 5.7 |
||
sun sunos 5.8 |
||
sun sunos 5.5.1 |
||
sun solaris 2.6 |