Sun Solaris Patch Unexpected Security Weakness
BID:9852
Info
Sun Solaris Patch Unexpected Security Weakness
| Bugtraq ID: | 9852 |
| Class: | Design Error |
| CVE: | |
| Remote: | No |
| Local: | Yes |
| Published: | Mar 12 2004 12:00AM |
| Updated: | Mar 12 2004 12:00AM |
| Credit: | This issue was disclosed by the vendor. |
| Vulnerable: |
Sun Solaris 9_x86 Sun Solaris 9 |
| Not Vulnerable: | |
Discussion
Sun Solaris Patch Unexpected Security Weakness
Sun has announced that some patches released for Solaris may in fact present a new security weakness. The problem is said to cause the auditing functionality of the Basic Security Module (BSM) to be disabled. The issue presents itself on Solaris 9 systems with Basic Security Module (BSM) enabled and either patch 114332-08 for SPARC or 114929-06 for x86 installed.
Sun has reported that patch 114332-08 for SPARC can be replaced with patch 114332-10 and another patch will be released to address this issue in x86.
Sun has announced that some patches released for Solaris may in fact present a new security weakness. The problem is said to cause the auditing functionality of the Basic Security Module (BSM) to be disabled. The issue presents itself on Solaris 9 systems with Basic Security Module (BSM) enabled and either patch 114332-08 for SPARC or 114929-06 for x86 installed.
Sun has reported that patch 114332-08 for SPARC can be replaced with patch 114332-10 and another patch will be released to address this issue in x86.
Exploit / POC
Sun Solaris Patch Unexpected Security Weakness
An exploit for this issue is not applicable.
An exploit for this issue is not applicable.
Solution / Fix
Sun Solaris Patch Unexpected Security Weakness
Solution:
Sun has released a patch to address this issue in Solaris 9 for the SPARC Platform:
Sun Solaris 9
Solution:
Sun has released a patch to address this issue in Solaris 9 for the SPARC Platform:
Sun Solaris 9