Sun Solaris Veritas文件系统未授权信息访问漏洞发布时间:2003-06-27 更新时间:2003-05-27 严重程度:中 威胁程度:用户敏感信息泄露 错误类型:配置错误 利用方式:服务器模式 BUGTRAQ ID:8053 受影响系统 Sun Solaris 2.5.1详细描述 Sun Solaris系统的VxFS实现允许未授权本地用户获得对敏感信息的访问权利。 漏洞存在于当新的VxFS文件系统建立时不正确设置ACL权限。可导致攻击者访问部分本来应该受限制的敏感信息。 测试代码 尚无 解决方案 补丁下载: Sun Solaris 2.6: Sun Patch 110433-08 http://sunsolve.sun.com/pub-cgi/findPatch.pl?patchId=110433&rev=08 For Veritas File System (VxFS) 3.4 Sun Solaris 7.0: Sun Patch 110434-09 http://sunsolve.sun.com/pub-cgi/findPatch.pl?patchId=110434&rev=09 For Veritas File System (VxFS) 3.4 Sun Patch 113205-05 http://sunsolve.sun.com/pub-cgi/findPatch.pl?patchId=113205&rev=05 For Veritas File System (VxFS) 3.5 Sun Solaris 8.0: Sun Patch 110435-08 http://sunsolve.sun.com/pub-cgi/findPatch.pl?patchId=110435&rev=08 For Veritas File System (VxFS) 3.4 Sun Patch 113206-05 http://sunsolve.sun.com/pub-cgi/findPatch.pl?patchId=113206&rev=05 For Veritas File System (VxFS) 3.5 Sun Solaris 9.0: Sun Patch 113604-01 http://sunsolve.sun.com/pub-cgi/findPatch.pl?patchId=113604&rev=01 For Veritas File System (VxFS) 3.4 Sun Patch 113207-05 http://sunsolve.sun.com/pub-cgi/findPatch.pl?patchId=113207&rev=05 For Veritas File System (VxFS) 3.5 相关信息 参考:http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F55060 |
