Vulnerabilities > CVE-2004-1394 - Unspecified vulnerability in SUN Solaris and Sunos
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
The pfexec function for Sun Solaris 8 and 9 does not properly handle when a custom profile contains an invalid entry in the exec_attr database, which may allow local users with custom rights profiles to execute profile commands with additional privileges.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| OS | 2 |
References
- http://secunia.com/advisories/10755/
- http://secunia.com/advisories/10755/
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-57453-1
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-57453-1
- http://www.auscert.org.au/render.html?it=3800
- http://www.auscert.org.au/render.html?it=3800
- http://www.osvdb.org/3764
- http://www.osvdb.org/3764
- http://www.securityfocus.com/bid/9534
- http://www.securityfocus.com/bid/9534
- http://www.securitytracker.com/id?1008893
- http://www.securitytracker.com/id?1008893
- https://exchange.xforce.ibmcloud.com/vulnerabilities/14988
- https://exchange.xforce.ibmcloud.com/vulnerabilities/14988