Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-1056

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2003-1056
Last Modified 05 Sep 2008 04:35:55
Published 11 Dec 2003 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2003-1056

Summary

The ed editor for Sun Solaris 2.6, 7, and 8 allows local users to create or overwrite arbitrary files via a symlink attack on temporary files.

Vulnerable Systems

Operating System

  • Sun Solaris 2.6

  • Sun Solaris 7.0

  • Sun Solaris 8.0


References

XF - solaris-ed1-tmpfile-insecure(13952)

BID - 9199

AUSCERT - ESB-2003.0851

SUNALERT - 57443

SECUNIA - 10411

OSVDB - 2955


Last Updated: 27 May 2016 10:38:10