Sun Solaris "snoop" Utility Remote Command Execution Vulnerability

Last Update Date: 28 Jan 2011 Release Date: 7 Aug 2008 4909 Views

RISK: Medium Risk

Medium Risk

A vulnerability has been identified in Sun Solaris, which could be exploited by remote attackers to compromise a vulnerable system. This issue is caused by unspecified errors in the "snoop" network utility when displaying SMB traffic, which may allow a remote attacker to execute arbitrary commands as the user "nobody" or possibly another local user.

Impact

  • Remote Code Execution

System / Technologies affected

  • Sun Solaris 10
  • Sun Solaris 9
  • Sun Solaris 8
  • Sun OpenSolaris builds snv_01 through snv_95

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

SPARC Platform

  • Sun Solaris 10 (SPARC) - Apply patch 138083-01
  • Sun Solaris 9 - Apply patch 112915-05
  • Sun Solaris 8 - Apply patch 108964-11
  • Sun OpenSolaris - Upgrade to build snv_96 or later

x86 Platform

  • Sun Solaris 10 (x86) - Apply patch 138084-01
  • Sun Solaris 9 (x86) - Apply patch 114262-04
  • Sun Solaris 8 (x86) - Apply patch 108965-11
  • Sun OpenSolaris - Upgrade to build snv_96 or later

Vulnerability Identifier

Source

Related Link

Share with

Previous

CA ARCserve Backup LGServer Service Vulnerability

5 Aug 2008 4875 Views

Next

Microsoft Windows Messenger Information Disclosure Vulnerability( 13 August 2008 )

13 Aug 2008 4684 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY