Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-1071

Overview

Vulnerability Score 2.1 2.1
CVE Id CVE-2003-1071
Last Modified 10 Sep 2008 03:21:39
Published 03 Jan 2003 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2003-1071

Summary

rpc.walld (wall daemon) for Solaris 2.6 through 9 allows local users to send messages to logged on users that appear to come from arbitrary user IDs by closing stderr before executing wall, then supplying a spoofed from header.

Vulnerable Systems

Operating System

  • Sun Solaris 2.5.1

  • Sun Solaris 2.6

  • Sun Solaris 7.0

  • Sun Solaris 8.0

  • Sun Solaris 9.0


References

CERT-VN - VU#944241

XF - solaris-wall-message-spoofing(11608)

SUNALERT - 51980

BUGTRAQ - 20030103 Solaris 2.x /usr/sbin/wall Advisory

SECUNIA - 7825

SECTRACK - 1006682

SECTRACK - 1005882

BID - 6509


Last Updated: 27 May 2016 10:38:10