Sun Solaris PGX32 frame buffer could allow root privileges
| solaris-pgx32-gain-privileges (13792) |  High Risk |
Description:
The PGX32 Graphics Accelerator frame buffer, when running on Sun Solaris platforms, could allow a local attacker to gain root privileges on the system, caused by a vulnerability in libraries linked with the frame buffer.
Consequences:
Gain Privileges
Remedy:
Apply the appropriate patch for your system, as listed below. Refer to Sun Alert ID: 57360 for more information. See References.
(Sparc)
Solaris 2.5.1: 107714-25 and 107851-25 or later
Solaris 2.6: 107715-25 and 107851-25 or later
Solaris 7: 107716-26 and 107851-25 or later
Solaris 8: 109154-20 or later
Solaris 9: 112601-09 or later
References:
- CIAC Information Bulletin O-029: Sun Security Vulnerability on Sun Systems with a PGX32 Frame Buffer.
- Sun Alert ID: 57360: Security Vulnerability on Sun Systems With a PGX32 Frame Buffer.
- BID-9076: Sun Solaris PGX32 Libraries Unspecific Privilege Escalation Vulnerability
- CVE-2003-1059: Unknown vulnerability in the libraries for the PGX32 frame buffer in Solaris 2.5.1 and 2.6 through 9 allows local users to gain root access.
- OSVDB ID: 2839: Solaris PGX32 Frame Buffer Privilege Escalation
- SA10267: Sun Solaris PGX32 Frame Buffer Privilege Escalation Vulnerability
Platforms Affected:
- Sun Solaris 2.5.1
- Sun Solaris 2.6
- Sun Solaris 7.0
- Sun Solaris 8
- Sun Solaris 9
Reported:
Nov 19, 2003
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
For corrections or additions please email xforce@iss.net