The patches (1) 105693-13, (2) 108800-02, (3) 105694-13, and (4) 108801-02 for cachefs on Solaris 2.6 and 7 overwrite the inetd.conf file, which may silently reenable services and allow remote attackers to bypass the intended security policy.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Solaris | Sun | 2.6 (including) | 2.6 (including) |
| Solaris | Sun | 7.0 (including) | 7.0 (including) |
| Sunos | Sun | - (including) | - (including) |
| Sunos | Sun | 5.7 (including) | 5.7 (including) |
References
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-56300-1
- http://www.ciac.org/ciac/bulletins/n-134.shtml
- http://www.securityfocus.com/bid/8461
- https://exchange.xforce.ibmcloud.com/vulnerabilities/12942
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-56300-1
- http://www.ciac.org/ciac/bulletins/n-134.shtml
- http://www.securityfocus.com/bid/8461
- https://exchange.xforce.ibmcloud.com/vulnerabilities/12942