VULHUB ™

A problem with some releases of Solaris 8 may make it possible for local users to perform unintended actions. The problem is in the Web-Based Enterprise Management (WBEM) component packaged with recent releases of Solaris. The WBEM packages included with some releases of Solaris install files with insecure permissions. By default, some files contained within WBEM packages are installed with default group-writable permissions, and in some cases default world-writable permissions. This could lead to local users gaining write access to potentially sensitive files, and potentially launching a denial of service or privilege escalation attack. This problem is known to exist in Solaris 8 Update 1/01 and later.

A problem with some releases of Solaris 8 may make it possible for local users to perform unintended actions. The problem is in the Web-Based Enterprise Management (WBEM) component packaged with recent releases of Solaris. The WBEM packages included with some releases of Solaris install files with insecure permissions. By default, some files contained within WBEM packages are installed with default group-writable permissions, and in some cases default world-writable permissions. This could lead to local users gaining write access to potentially sensitive files, and potentially launching a denial of service or privilege escalation attack. This problem is known to exist in Solaris 8 Update 1/01 and later.