4.6

CVE-2004-1394

The pfexec function for Sun Solaris 8 and 9 does not properly handle when a custom profile contains an invalid entry in the exec_attr database, which may allow local users with custom rights profiles to execute profile commands with additional privileges.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
SunSolaris Version9.0 Editionsparc
SunSunos Version5.8
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.34% 0.253
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4.6 3.9 6.4
AV:L/AC:L/Au:N/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://secunia.com/advisories/10755/
Patch
http://sunsolve.sun.com/search/document.do?assetkey=1-26-57453-1
Patch
Vendor Advisory
http://www.auscert.org.au/render.html?it=3800
Vendor Advisory
http://www.osvdb.org/3764
http://www.securityfocus.com/bid/9534
http://www.securitytracker.com/id?1008893
https://exchange.xforce.ibmcloud.com/vulnerabilities/14988