In association with heise online

24 July 2006, 13:47

Sun plugs hole in Solaris kernel

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

A vulnerability in the Solaris kernel could allow users on multi-user systems to spy on other users' data. The flaw is related to an integer overflow in the systeminfo.c. module, reports iDefense. When certain parameters are entered, the function copies parts of the kernel memory into the user space, even if the process is being called up by a user with restricted rights. Under certain circumstances , attackers could be provided data such as keys and passwords. The flaw affects Solaris 10. Sun has released an update for Sparc and x86.

Please see also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit