Solaris ping Local Overflow

2004-11-30T00:00:00
ID OSVDB:12168
Type osvdb
Reporter OSVDB
Modified 2004-11-30T00:00:00

Description

Vulnerability Description

Sun Solaris ping(1M) utility contains a flaw that may allow a malicious local user to gain access to unauthorized privileges. The issue is triggered when an unspecified buffer overflow condition occurs and may lead to a loss of integrity.

Solution Description

This issue is addressed in the following releases:

SPARC Platform

Solaris 7 with patch 118313-01 or later Solaris 8 with patch 116986-02 or later Solaris 9 with patch 116774-03 or later

x86 Platform

Solaris 7 with patch 118314-01 or later Solaris 8 with patch 116987-02 or later Solaris 9 with patch 116775-03 or later

It is also possible to correct the flaw by implementing the following workaround(s): 1. Remove the "set-user-ID" bit from the ping(1M) utility will prevent unprivileged users from using the ping(1M) command

  1. Enable non-executable program stacks will prevent buffer overflow condition occurs.

Short Description

Sun Solaris ping(1M) utility contains a flaw that may allow a malicious local user to gain access to unauthorized privileges. The issue is triggered when an unspecified buffer overflow condition occurs and may lead to a loss of integrity.

References:

Security Tracker: 1012368 Secunia Advisory ID:13340 Other Advisory URL: http://sunsolve.sun.com/search/document.do?assetkey=1-26-57675-1 ISS X-Force ID: 18310 CVE-2004-1352 Bugtraq ID: 11782