[SECURITY-L] CAIS-Alerta: Vulnerabilidade no Runtime Linker ld.so.1(1) do Solaris

Seg Ago 4 09:48:25 -03 2003

----- Forwarded message from Centro de Atendimento a Incidentes de Seguranca <cais em cais.rnp.br> -----

From: Centro de Atendimento a Incidentes de Seguranca <cais em cais.rnp.br>
Subject: CAIS-Alerta: Vulnerabilidade no Runtime Linker ld.so.1(1) do Solaris
To: rnp-alerta em cais.rnp.br, rnp-seg em cais.rnp.br
Date: Fri, 1 Aug 2003 17:27:33 -0300 (BRT)

-----BEGIN PGP SIGNED MESSAGE-----

Prezados,

	O CAIS está repassando o alerta divulgado pela Sun, Sun(sm) Alert
Notification (Sun Alert ID: 55680): Security Vulnerability in the Solaris
Runtime Linker ld.so.1(1), que trata de uma vulnerabilidade identificada
em ld.so.1 cuja exploração pode permitir a obtenção de privilégios do
usuário root.

Sistemas afetados:

Plataforma SPARC

    * Solaris 2.6 com o patch 107733-10  e sem o patch 107733-11
    * Solaris 7 com os patches 106950-14 ate 106950-22 e sem o patch 106950-23
    * Solaris 8 com os patches 109147-07 ate 109147-24 e sem o patch 109147-25
    * Solaris 9 sem o patch 112963-09

Plataforma x86

    * Solaris 2.6 com o patch 107734-10  e sem o patch 107734-11
    * Solaris 7 com os patches 106951-14 ate 106951-22  e sem o patch 106951-23
    * Solaris 8 com os patches 109148-07 ate 109148-24  e sem o patch 109148-25
    * Solaris 9 sem o patch 113986-05

Correções disponíveis:

As correcoes para esta vulnerabilidades estao contempladas nas seguintes
versoes:

* Plataforma SPARC

    * Solaris 2.6 with patch 107733-11 or later
    * Solaris 7 with patch 106950-23 or later
    * Solaris 8 with patch 109147-25 or later
    * Solaris 9 with patch 112963-09 or later

* Plataforma x86

    * Solaris 2.6 with patch 107734-11 or later
    * Solaris 7 with patch 106951-23 or later
    * Solaris 8 with patch 109148-25 or later
    * Solaris 9 with patch 113986-05 or later

Maiores Informacoes:

http://www.idefense.com/advisory/07.29.03.txt
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/55680

Identificador do CVE: CAN-2003-0609 (http://cve.mitre.org)

O CAIS recomenda aos administradores de plataformas Solaris que mantenham
seus sistemas e aplicativos sempre atualizados.

Atenciosamente,

################################################################
#   CENTRO DE ATENDIMENTO A INCIDENTES DE SEGURANCA / RNP      #
#                                                              #
# cais em cais.rnp.br     http://www.cais.rnp.br                  #
# Tel. 019-37873300    Fax. 019-37873301                       #
# Chave PGP disponivel em: http://www.cais.rnp.br/cais-pgp.key #
################################################################

 Sun(sm) Alert Notification

    * Sun Alert ID: 55680
    * Synopsis: Security Vulnerability in the Solaris Runtime Linker ld.so.1(1)
    * Category: Security
    * Product: Solaris
    * BugIDs: 4872634
    * Avoidance: Patch
    * State: Resolved
    * Date Released: 29-Jul-2003
    * Date Closed: 29-Jul-2003
    * Date Modified:

1. Impact

An unprivileged local user may be able to gain unauthorized root
privileges due to a buffer overflow in the runtime linker ld.so.1(1).

Sun acknowledges with thanks, Jouko Pynnönen (jouko em iki.fi) for bringing
this issue to our attention and iDEFENSE Inc. (www.idefense.com) for
coordinating the release of this issue.

This issue is described in iDEFENSE Advisory located at:

	http://www.idefense.com/advisory/07.29.03.txt.

2. Contributing Factors

This issue can occur in the following releases:

SPARC Platform

    * Solaris 2.6 with patch 107733-10 and without patch 107733-11
    * Solaris 7 with patches 106950-14 through 106950-22 and without patch 106950-23
    * Solaris 8 with patches 109147-07 through 109147-24 and without patch 109147-25
    * Solaris 9 without patch 112963-09

x86 Platform

    * Solaris 2.6 with patch 107734-10 and without patch 107734-11
    * Solaris 7 with patches 106951-14 through 106951-22 and without patch 106951-23
    * Solaris 8 with patches 109148-07 through 109148-24 and without patch 109148-25
    * Solaris 9 without patch 113986-05

3. Symptoms

There are no reliable symptoms that would show the described issue has
been exploited.

Solution Summary

4. Relief/Workaround

There is no workaround. Please see the "Resolution" section below.

5. Resolution

This issue is addressed in the following releases:

SPARC Platform

    * Solaris 2.6 with patch 107733-11 or later
    * Solaris 7 with patch 106950-23 or later
    * Solaris 8 with patch 109147-25 or later
    * Solaris 9 with patch 112963-09 or later

x86 Platform

    * Solaris 2.6 with patch 107734-11 or later
    * Solaris 7 with patch 106951-23 or later
    * Solaris 8 with patch 109148-25 or later
    * Solaris 9 with patch 113986-05 or later

This Sun Alert notification is being provided to you on an "AS IS" basis.
This Sun Alert notification may contain information provided by third
parties. The issues described in this Sun Alert notification may or may
not impact your system(s). Sun makes no representations, warranties, or
guarantees as to the information contained herein. ANY AND ALL WARRANTIES,
EXPRESS OR IMPLIED, INCLUDING WITHOUT LIMITATION WARRANTIES OF
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NON-INFRINGEMENT,
ARE HEREBY DISCLAIMED. BY ACCESSING THIS DOCUMENT YOU ACKNOWLEDGE THAT SUN
SHALL IN NO EVENT BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
PUNITIVE, OR CONSEQUENTIAL DAMAGES THAT ARISE OUT OF YOUR USE OR FAILURE
TO USE THE INFORMATION CONTAINED HEREIN. This Sun Alert notification
contains Sun proprietary and confidential information. It is being
provided to you pursuant to the provisions of your agreement to purchase
services from Sun, or, if you do not have such an agreement, the Sun.com
Terms of Use. This Sun Alert notification may only be used for the
purposes contemplated by these agreements.