[Sec-cert] [Sun] Vulnerability in Solaris Trusted Extensions - Sun Alert 275410

WiN Site Security Contacts win-sec-ssc at lists.dfn-cert.de
Thu Jan 14 16:36:49 CET 2010


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Dear colleagues,

we have just received the following Sun Security Advisory. We are
forwarding this information to you unchanged.

Sun Bug ID 6902322 - Vulnerability in Solaris Trusted Extensions

  Solaris Trusted Extensions contains a vulnerability related to
  libraries that were not delivered. A local attacker with root
  privileges can use it to escalate privileges in such a way that the
  restrictions placed on root can be bypassed.

The following software packages and platforms are affected:

  Solaris Trusted Extensions

  SPARC platform
  * Solaris 10 without patch 143502-01
  
  x86 platform
  * Solaris 10 without patch 143503-01

The vendor provides updated packages.

Vendor advisory:
  http://sunsolve.sun.com/search/document.do?assetkey=1-66-275410-1


(c) of the German summary held by DFN-CERT Services GmbH;
distribution, including in part, is permitted only with attribution to
the author, DFN-CERT Services GmbH, and only for non-commercial
purposes.

Best regards,
		Klaus Moeller, DFN-CERT

- -- 
Dipl. Inform. Klaus Moeller (Incident Response Team)
Phone: +49 40 808077-555, Fax: +49 40 808077-556

DFN-CERT Services GmbH, https://www.dfn-cert.de,  Phone  +49 40 808077-555
Registered office / Register: Hamburg, AG Hamburg, HRB 88805,  VAT ID:  DE 232129737
Sachsenstrase 5, 20097 Hamburg/Germany, CEO: Dr. Klaus-Peter Kossakowski

17th DFN Workshop    "Sicherheit in vernetzten Systemen"    09./10.02.2010
Information at https://www.dfn-cert.de/veranstaltungen/workshop.html

Alert URL: http://sunsolve.sun.com/search/document.do?assetkey=1-66-275410-1
Sun Security Alert: 275410

   A Security Vulnerability in Solaris Trusted Extensions due to Missing
   Libraries may Allow Privilege Escalation
    __________________________________________________________________

   Category :                 Security
   Release Phase :            Resolved
   Bug Id :                   6902322
   Product :                  Solaris 10 Operating System
   Date of Resolved Release : 11-Jan-2010

   1. Impact
   A security vulnerability in Solaris Trusted Extensions due to libraries
   which were not delivered with the Trusted Extensions may allow a local
   privileged user to run arbitrary code with elevated privileges.

   2. Contributing Factors
   This issue can occur in the following releases:
   SPARC Platform
     * Solaris 10 without patch 143502-01

   x86 Platform
     * Solaris 10 without patch 143503-01

   Note 1: Solaris 8, 9 and OpenSolaris are not impacted by this issue.
   Releases prior to Solaris 10 11/06 do not include Solaris Trusted
   Extensions and therefore are not vulnerable to this issue.
   Note 2: This issue only impacts systems that have Solaris Trusted
   Extensions installed and running. To determine if a system is
   configured with Trusted Extensions and running on a host, execute the
   following command in the global zone:
    $ svcs labeld
    online      16:19:20 svc:/system/labeld:default

   If the state is "disabled" or if the "/system/labeld" service is not
   listed, then the system is not configured to use Trusted Extensions.


   3. Symptoms
   There are no predictable symptoms that would indicate the described
   issue has been exploited to gain elevated privileges.

   4. Workaround
   There is no workaround for this issue. Please see the Resolution
   section below.

   5. Resolution
   This issue is addressed in the following releases:
   SPARC Platform
     * Solaris 10 with patch 143502-01 or later

   x86 Platform
     * Solaris 10 with patch 143503-01 or later

   For more information on Security Sun Alerts, see Technical Instruction
   ID 213557.

   This Sun Alert notification is being provided to you on an "AS IS"
   basis. This Sun Alert notification may contain information provided by
   third parties. The issues described in this Sun Alert notification may
   or may not impact your system(s). Sun makes no representations,
   warranties, or guarantees as to the information contained herein. ANY
   AND ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING WITHOUT LIMITATION
   WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR
   NON-INFRINGEMENT, ARE HEREBY DISCLAIMED. BY ACCESSING THIS DOCUMENT YOU
   ACKNOWLEDGE THAT SUN SHALL IN NO EVENT BE LIABLE FOR ANY DIRECT,
   INDIRECT, INCIDENTAL, PUNITIVE, OR CONSEQUENTIAL DAMAGES THAT ARISE OUT
   OF YOUR USE OR FAILURE TO USE THE INFORMATION CONTAINED HEREIN. This
   Sun Alert notification contains Sun proprietary and confidential
   information. It is being provided to you pursuant to the provisions of
   your agreement to purchase services from Sun, or, if you do not have
   such an agreement, the Sun.com Terms of Use. This Sun Alert
   notification may only be used for the purposes contemplated by these
   agreements.
   Copyright 2000-2010 Sun Microsystems, Inc., 4150 Network Circle, Santa
   Clara, CA 95054 U.S.A. All rights reserved.



-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)

iD4DBQFLTzoRWmhIvjFb90URArDsAJsEBR8zon2oLWm895M0uNkMZZZSawCXVDyW
/LFNr0u3UViFwy0ep+oTrg==
=JSaS
-----END PGP SIGNATURE-----
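
The exposure check from Note 2 and the patch levels from the Resolution section of the Sun Alert above, combined into one triage script. This is an added example, not part of the DFN-CERT message or the Sun Alert. It assumes `showrev -p` and `uname -p` as the Solaris 10 tools for listing installed patches and the platform (neither is named in the alert); the function names are hypothetical and the sample outputs are constructed.

```sh
#!/bin/sh
# Added example: triage for Sun Alert 275410 from captured command output.

# te_active SVCS_OUTPUT: true if labeld is listed and its state is not "disabled"
# (the alert's own criterion for "configured to use Trusted Extensions").
te_active() {
    printf '%s\n' "$1" | awk '
        $NF ~ /^svc:\/system\/labeld:/ && $1 != "disabled" { ok = 1 }
        END { exit !ok }'
}

# required_patch ARCH: patch ID the alert names for the platform (uname -p value).
required_patch() {
    case "$1" in
        sparc) echo 143502 ;;
        i386)  echo 143503 ;;
        *)     return 1 ;;
    esac
}

# patch_ok ID MIN_REV SHOWREV_OUTPUT: true if patch ID-REV with REV >= MIN_REV is listed.
patch_ok() {
    printf '%s\n' "$3" | awk -v id="$1" -v min="$2" '
        $1 == "Patch:" { split($2, p, "-"); if (p[1] == id && p[2] + 0 >= min + 0) ok = 1 }
        END { exit !ok }'
}

# assess ARCH SVCS_OUTPUT SHOWREV_OUTPUT: prints a one-word verdict.
assess() {
    id=$(required_patch "$1") || { echo unknown-platform; return; }
    if ! te_active "$2"; then echo not-affected
    elif patch_ok "$id" 1 "$3"; then echo patched
    else echo vulnerable
    fi
}

# Constructed sample data (not taken from a real host).
SVCS_ON='STATE          STIME    FMRI
online         16:19:20 svc:/system/labeld:default'
SVCS_OFF='STATE          STIME    FMRI
disabled       16:19:20 svc:/system/labeld:default'
SHOWREV_OLD='Patch: 100000-01 Obsoletes: Requires: Incompatibles: Packages: SUNWexample'
SHOWREV_NEW="$SHOWREV_OLD
Patch: 143502-02 Obsoletes: Requires: Incompatibles: Packages: SUNWexample"

# On a live global zone: assess "$(uname -p)" "$(svcs labeld 2>/dev/null)" "$(showrev -p)"
assess sparc "$SVCS_ON" "$SHOWREV_NEW"   # prints "patched"
```

The check only recognises the two patch IDs named in the alert; a later patch that obsoletes them would be reported as "vulnerable" and needs a manual look.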


