Oracle Solaris Third-Party Patch Update : ibutils (cve_2013_2561_link_following)

This script is Copyright (C) 2015 Tenable Network Security, Inc.

Synopsis :

The remote Solaris system is missing a security patch for third-party

Description :

The remote Solaris system is missing necessary patches to address
security updates :

- OpenFabrics ibutils 1.5.7 allows local users to
overwrite arbitrary files via a symlink attack on (1)
ibdiagnet.db, (2) ibdiagnet.fdbs, (3)
ibdiagnet_ibis.log, (4) ibdiagnet.log, (5)
ibdiagnet.lst, (6) ibdiagnet.mcfdbs, (7) ibdiagnet.pkey,
(8) ibdiagnet.psl, (9) ibdiagnet.slvl, or (10) in /tmp/. (CVE-2013-2561)

See also :

Solution :

Upgrade to Solaris

Risk factor :

Medium / CVSS Base Score : 6.3

Family: Solaris Local Security Checks

Nessus Plugin ID: 80640 ()

Bugtraq ID:

CVE ID: CVE-2013-2561

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now