Published: 29/03/2010 Updated: 10/10/2018

CVSS v2 Base Score: 3.3 | Impact Score: 4.9 | Exploitability Score: 3.4

VMScore: 345

Vector: AV:L/AC:M/Au:N/C:P/I:P/A:N

Certain patch-installation scripts in Oracle Solaris allow local users to append data to arbitrary files via a symlink attack on the /tmp/CLEANUP temporary file, related to use of Update Manager.

Vulnerable Product	Search on Vulmon	Subscribe to Product
sun solaris

Solaris Recommended Patch Cluster 6/19 local root on x86 Larry W Cashdollar 7/3/2013 @_larry0 If the system administrator is updating the system using update manager or smpatch (multi user mode) a local user could execute commands as root This only affects x86 systems as this code resides under a case statement checking that the platform is ...

source: wwwsecurityfocuscom/bid/54919/info Solaris 10 Patch 137097-01 is prone to a local privilege-escalation vulnerability Local attackers can exploit this issue to gain elevated privileges on affected computers #!/usr/bin/perl $clobber = "/etc/passwd"; while(1) { open ps,"ps -ef | grep -v grep |grep -v PID |"; while(<ps>) ...

source: wwwsecurityfocuscom/bid/38928/info Sun Connection Update Manager for Solaris creates temporary files in an insecure manner An attacker with local access could potentially exploit these issues to perform symbolic-link attacks, overwriting arbitrary files in the context of the affected application Successfully mounting a symlink ...

CWE-59 http://www.securityfocus.com/bid/38928 https://exchange.xforce.ibmcloud.com/vulnerabilities/57149 http://www.securityfocus.com/archive/1/510311/100/0/threaded http://www.securityfocus.com/archive/1/510305/100/0/threaded https://nvd.nist.gov https://www.exploit-db.com/exploits/26709/

CVE-2010-1183

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect