Solaris文本编辑程序ed存在权限提升缺陷 (SunOS,其他)
发布日期: 2003-12-21
涉及程序:
Solaris Text Editor
描述:
Solaris文本编辑程序ed存在权限提升缺陷
详细:
Solaris自带的文本编辑程序ed能错误的建立临时文件,安全者通过字符“q”进行链接,能以root权限破坏文件系统,并能造成权限提升。
受影响的系统:
Sun Solaris 8.0_x86
Sun Solaris 8.0
Sun Solaris 7.0_x86
Sun Solaris 7.0
Sun Solaris 2.6_x86
Sun Solaris 2.6
安全方法:
暂无有效安全代码
解决方案:
补丁下载:
Sun Solaris 2.6 _x86:
Sun Patch 115564-01
https://sunsolve.sun.com/pub-cgi/patchDownload.pl?target=115564&method=hs
Sun Solaris 2.6:
Sun Patch 115563-01
https://sunsolve.sun.com/pub-cgi/patchDownload.pl?target=115563&method=hs
Sun Solaris 7.0 _x86:
Sun Patch 115566-01
https://sunsolve.sun.com/pub-cgi/patchDownload.pl?target=115566&method=hs
Sun Solaris 7.0:
Sun Patch 115565-01
https://sunsolve.sun.com/pub-cgi/patchDownload.pl?target=115565&method=hs
Sun Solaris 8.0 _x86:
Sun Patch 110904-07
https://sunsolve.sun.com/pub-cgi/patchDownload.pl?target=110904&method=hs
Sun Solaris 8.0:
Sun Patch 110903-07
https://sunsolve.sun.com/pub-cgi/patchDownload.pl?target=110903&method=hs