Sun StorADE Local Privilege Escalation Vulnerability
BID:18266
CVE-2006-2790 |Info
Sun StorADE Local Privilege Escalation Vulnerability
| Bugtraq ID: | 18266 |
| Class: | Design Error |
| CVE: | |
| Remote: | No |
| Local: | Yes |
| Published: | Jun 05 2006 12:00AM |
| Updated: | Jul 07 2006 05:34PM |
| Credit: | This issue was disclosed by the vendor. |
| Vulnerable: |
Sun StorADE 2.4 Avaya Interactive Response 1.3 Avaya Interactive Response 1.2.1 Avaya Interactive Response Avaya CMS Server 13.0 Avaya CMS Server 12.0 Avaya CMS Server 11.0 Avaya CMS Server 9.0 Avaya CMS Server 13.1 |
| Not Vulnerable: | |
Discussion
Sun StorADE Local Privilege Escalation Vulnerability
StorAde is prone to a privilege-escalation vulnerability.
A local attacker can exploit this issue to execute arbitrary code with superuser privileges. This may facilitate a complete compromise of the affected computer.
StorAde is prone to a privilege-escalation vulnerability.
A local attacker can exploit this issue to execute arbitrary code with superuser privileges. This may facilitate a complete compromise of the affected computer.
Exploit / POC
Sun StorADE Local Privilege Escalation Vulnerability
Attackers can use standard shell commands to exploit this issue.
Attackers can use standard shell commands to exploit this issue.
Solution / Fix
Sun StorADE Local Privilege Escalation Vulnerability
Solution:
Sun has released a security advisory to address this issue.
Please see the referenced vendor advisories for more information.
Sun StorADE 2.4
Solution:
Sun has released a security advisory to address this issue.
Please see the referenced vendor advisories for more information.
Sun StorADE 2.4
References
Sun StorADE Local Privilege Escalation Vulnerability
References:
References: