Solaris是一款由Sun开发和维护的商业性质UNIX操作系统。 Solaris管理控制台(SMC)的日志机制和认证机制中存在安全漏洞,可能允许本地或远程非特权用户获得对Solaris系统的非授权root用户访问。 Sun Solaris 9.0_x86 Sun Solaris 9.0 Sun Solaris 8.0_x86 Sun Solaris 8.0 Sun Solaris 10_x86 Sun Solaris 10.0 临时解决方法: * 以root用户权限执行以下命令停止SMC服务器。 Solaris 8和9: # /etc/init.d/init.wbem stop Solaris 10: # svcadm disable svc:/application/management/wbem 厂商补丁: Sun --- Sun已经为此发布了安全公告(Sun-Alert-102903,Sun-Alert-102902)以及相应补丁: Sun-Alert-102903:Security Vulnerability in the Logging Mechanism for Solaris Management Console (SMC) May Lead to Escalation of Privileges 链接:<a href="http://sunsolve.sun.com/search/printfriendly.do?assetkey=1-26-102903-1" target="_blank">http://sunsolve.sun.com/search/printfriendly.do?assetkey=1-26-102903-1</a> Sun-Alert-102902:Security Vulnerability in the Authentication Mechanism for Solaris Management Console (SMC) May Lead to Escalation of Privileges 链接:<a href="http://sunsolve.sun.com/search/printfriendly.do?assetkey=1-26-102902-1"...
Solaris是一款由Sun开发和维护的商业性质UNIX操作系统。 Solaris管理控制台(SMC)的日志机制和认证机制中存在安全漏洞,可能允许本地或远程非特权用户获得对Solaris系统的非授权root用户访问。 Sun Solaris 9.0_x86 Sun Solaris 9.0 Sun Solaris 8.0_x86 Sun Solaris 8.0 Sun Solaris 10_x86 Sun Solaris 10.0 临时解决方法: * 以root用户权限执行以下命令停止SMC服务器。 Solaris 8和9: # /etc/init.d/init.wbem stop Solaris 10: # svcadm disable svc:/application/management/wbem 厂商补丁: Sun --- Sun已经为此发布了安全公告(Sun-Alert-102903,Sun-Alert-102902)以及相应补丁: Sun-Alert-102903:Security Vulnerability in the Logging Mechanism for Solaris Management Console (SMC) May Lead to Escalation of Privileges 链接:<a href="http://sunsolve.sun.com/search/printfriendly.do?assetkey=1-26-102903-1" target="_blank">http://sunsolve.sun.com/search/printfriendly.do?assetkey=1-26-102903-1</a> Sun-Alert-102902:Security Vulnerability in the Authentication Mechanism for Solaris Management Console (SMC) May Lead to Escalation of Privileges 链接:<a href="http://sunsolve.sun.com/search/printfriendly.do?assetkey=1-26-102902-1" target="_blank">http://sunsolve.sun.com/search/printfriendly.do?assetkey=1-26-102902-1</a>
