Solaris 11 : Multiple Kernel Vulnerabilities
Severity: High | Nessus Plugin ID: 100997
Synopsis: The remote Solaris host is missing a vendor-supplied security patch.
Description: The remote Solaris host is missing a vendor-supplied security patch.
It is, therefore, affected by the following vulnerabilities:
- Multiple security bypass vulnerabilities exist in the Kernel subcomponent that allow a specially crafted application to circumvent the stack guard page security mechanism. A local attacker can exploit these, by using stack clash methods, to gain elevated privileges.
- A privilege escalation vulnerability exists in the Kernel subcomponent when UID binaries are invoked via a hard-link using a different pathname. A local attacker can exploit this to gain elevated privileges.
Solution: Install SRU 188.8.131.52.0 from the Oracle support website.