Sun Solaris modload() Unauthorized Kernel Module Loading Vulnerability
BID:9477
Info
Sun Solaris modload() Unauthorized Kernel Module Loading Vulnerability
| Bugtraq ID: | 9477 |
| Class: | Unknown |
| CVE: | |
| Remote: | No |
| Local: | Yes |
| Published: | Jan 22 2004 12:00AM |
| Updated: | Jan 22 2004 12:00AM |
| Credit: | This issue was reported by Sun. |
| Vulnerable: |
Sun Solaris 9_x86 Sun Solaris 9 Sun Solaris 8_x86 Sun Solaris 8_sparc Sun Solaris 7.0_x86 Sun Solaris 7.0 |
| Not Vulnerable: | |
Discussion
Sun Solaris modload() Unauthorized Kernel Module Loading Vulnerability
Sun Solaris is prone to a vulnerability that may permit unprivileged local users to cause arbitrary kernel modules to be loaded. The source of the problem is reportedly insufficient checks when modload() is called to load a module. This could be exploited to fully compromise a vulnerable system.
Sun Solaris is prone to a vulnerability that may permit unprivileged local users to cause arbitrary kernel modules to be loaded. The source of the problem is reportedly insufficient checks when modload() is called to load a module. This could be exploited to fully compromise a vulnerable system.
Exploit / POC
Sun Solaris modload() Unauthorized Kernel Module Loading Vulnerability
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution / Fix
Sun Solaris modload() Unauthorized Kernel Module Loading Vulnerability
Solution:
Sun has released patches to address this issue on Solaris 7, 8 and 9 for SPARC and x86 platforms. It should be noted that Solaris 2.6 will not be evaluated by the vendor for the presence of the vulnerability and therefore no fixes will be issued for this version.
Sun Solaris 7.0_x86
Sun Solaris 9_x86
Sun Solaris 7.0
Sun Solaris 8_x86
Sun Solaris 8_sparc
Sun Solaris 9
Solution:
Sun has released patches to address this issue on Solaris 7, 8 and 9 for SPARC and x86 platforms. It should be noted that Solaris 2.6 will not be evaluated by the vendor for the presence of the vulnerability and therefore no fixes will be issued for this version.
Sun Solaris 7.0_x86
Sun Solaris 9_x86
Sun Solaris 7.0
Sun Solaris 8_x86
Sun Solaris 8_sparc
Sun Solaris 9
References
Sun Solaris modload() Unauthorized Kernel Module Loading Vulnerability
References:
References:
- Sun Alert ID: 57479 (Sun)