CVE Vulnerabilities

CVE-2004-1394

Published: Dec 31, 2004 | Modified: Oct 30, 2018
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
4.6 MEDIUM
AV:L/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

The pfexec function for Sun Solaris 8 and 9 does not properly handle when a custom profile contains an invalid entry in the exec_attr database, which may allow local users with custom rights profiles to execute profile commands with additional privileges.

Affected Software

Name Vendor Start Version End Version
Solaris Sun 9.0 9.0
Sunos Sun 5.8 5.8

References