Thank you for being a valued part of the CNET community. As of December 1, 2020, the forums are in read-only format. In early 2021, CNET Forums will no longer be available. We are grateful for the participation and advice you have provided to one another over the years.

Thanks,

CNET Support

General discussion

Sun(sm):Text Editor ed(1) Creates Temporary Files in an Unsafe

Dec 12, 2003 5:21AM PST

Sun(sm) Alert Notification

* Sun Alert ID: 57443
* Synopsis: Text Editor ed(1) Creates Temporary Files in an Unsafe
Manner
* Category: Security
* Product: Solaris
* BugIDs: 4397459
* Avoidance: Patch
* State: Resolved
* Date Released: 10-Dec-2003
* Date Closed: 10-Dec-2003
* Date Modified:

1. Impact

Unprivileged local users may be able to overwrite or create any file
on the system if "root" uses the text editor ed(1).

2. Contributing Factors

This issue can occur in the following releases:

SPARC Platform
* Solaris 2.6 without patch 115563-01
* Solaris 7 without patch 115565-01
* Solaris 8 without patch 110903-06

x86 Platform
* Solaris 2.6 without patch 115564-01
* Solaris 7 without patch 115566-01
* Solaris 8 without patch 110904-06

Note: Solaris 9 is not affected by this issue.

3. Symptoms

There are no symptoms that would show the vulnerability in ed(1) has
been exploited, as it depends on which file was overwritten or
created.
SOLUTION SUMMARY:

4. Relief/Workaround

There is no workaround. Please see the "Resolution"

http://www.uniras.gov.uk/l1/l2/l3/brief2003/brief-67303.txt

Discussion is locked