Vulnerabilities > CVE-2005-2032 - Arbitrary Local File Overwrite vulnerability in Sun LPAdmin

047910
CVSS 2.1 - LOW
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
PARTIAL
Availability impact
NONE
local
low complexity
sun
nessus

Summary

Unknown vulnerability in lpadmin on Sun Solaris 7, 8, and 9 allows local users to overwrite arbitrary files.

Vulnerable Configurations

Part Description Count
OS
Sun
6

Nessus

  • NASL familySolaris Local Security Checks
    NASL idSOLARIS7_X86_107116.NASL
    descriptionSunOS 5.7_x86: lp Patch. Date this patch was last updated by Sun : Mar/22/06
    last seen2016-09-26
    modified2011-09-18
    plugin id13205
    published2004-07-12
    reporterTenable
    sourcehttps://www.tenable.com/plugins/index.php?view=single&id=13205
    titleSolaris 7 (x86) : 107116-20
    code
    #%NASL_MIN_LEVEL 999999
    
    # @DEPRECATED@
    #
    # This script has been deprecated as the associated patch is not
    # currently a recommended security fix.
    #
    # Disabled on 2011/09/17.
    
    #
    # (C) Tenable Network Security, Inc.
    #
    #
    
    if ( ! defined_func("bn_random") ) exit(0);
    include("compat.inc");
    
    if(description)
    {
     script_id(13205);
     script_version("1.27");
    
     script_name(english: "Solaris 7 (x86) : 107116-20");
     script_cve_id("CVE-2000-0316", "CVE-2005-2032", "CVE-2005-4797");
     script_set_attribute(attribute: "synopsis", value:
    "The remote host is missing Sun Security Patch number 107116-20");
     script_set_attribute(attribute: "description", value:
    'SunOS 5.7_x86: lp Patch.
    Date this patch was last updated by Sun : Mar/22/06');
     script_set_attribute(attribute: "solution", value:
    "You should install this patch for your system to be up-to-date.");
     script_set_attribute(attribute: "see_also", value:
    "https://getupdates.oracle.com/readme/107116-20");
     script_set_attribute(attribute: "cvss_vector", value: "CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C");
     script_set_attribute(attribute:"plugin_publication_date", value: "2004/07/12");
     script_cvs_date("Date: 2018/08/13 14:32:38");
     script_set_attribute(attribute:"vuln_publication_date", value: "2000/04/24");
     script_end_attributes();
    
     script_summary(english: "Check for patch 107116-20");
     script_category(ACT_GATHER_INFO);
     script_copyright(english:"This script is Copyright (C) 2004-2018 Tenable Network Security, Inc.");
     family["english"] = "Solaris Local Security Checks";
     script_family(english:family["english"]);
     
     script_dependencies("ssh_get_info.nasl");
     script_require_keys("Host/Solaris/showrev");
     exit(0);
    }
    
    
    
    # Deprecated.
    exit(0, "The associated patch is not currently a recommended security fix.");
    
    include("solaris.inc");
    
    e +=  solaris_check_patch(release:"5.7_x86", arch:"i386", patch:"107116-20", obsoleted_by:"", package:"SUNWpcu", version:"13.1,REV=1998.09.01.04.53");
    e +=  solaris_check_patch(release:"5.7_x86", arch:"i386", patch:"107116-20", obsoleted_by:"", package:"SUNWpsf", version:"13.1,REV=1998.09.01.04.53");
    e +=  solaris_check_patch(release:"5.7_x86", arch:"i386", patch:"107116-20", obsoleted_by:"", package:"SUNWpsu", version:"13.1,REV=1998.09.01.04.53");
    e +=  solaris_check_patch(release:"5.7_x86", arch:"i386", patch:"107116-20", obsoleted_by:"", package:"SUNWscplp", version:"13.1,REV=1998.09.01.04.53");
    if ( e < 0 ) { 
    	if ( NASL_LEVEL < 3000 ) 
    	   security_hole(0);
    	else  
    	   security_hole(port:0, extra:solaris_get_report());
    	exit(0); 
    } 
    exit(0, "Host is not affected");
    
  • NASL familySolaris Local Security Checks
    NASL idSOLARIS7_107115.NASL
    descriptionSunOS 5.7: lp Patch. Date this patch was last updated by Sun : Mar/22/06
    last seen2016-09-26
    modified2011-09-18
    plugin id13100
    published2004-07-12
    reporterTenable
    sourcehttps://www.tenable.com/plugins/index.php?view=single&id=13100
    titleSolaris 7 (sparc) : 107115-20
    code
    #%NASL_MIN_LEVEL 999999
    
    # @DEPRECATED@
    #
    # This script has been deprecated as the associated patch is not
    # currently a recommended security fix.
    #
    # Disabled on 2011/09/17.
    
    #
    # (C) Tenable Network Security, Inc.
    #
    #
    
    if ( ! defined_func("bn_random") ) exit(0);
    include("compat.inc");
    
    if(description)
    {
     script_id(13100);
     script_version("1.28");
    
     script_name(english: "Solaris 7 (sparc) : 107115-20");
     script_cve_id("CVE-2005-2032", "CVE-2005-4797");
     script_set_attribute(attribute: "synopsis", value:
    "The remote host is missing Sun Security Patch number 107115-20");
     script_set_attribute(attribute: "description", value:
    'SunOS 5.7: lp Patch.
    Date this patch was last updated by Sun : Mar/22/06');
     script_set_attribute(attribute: "solution", value:
    "You should install this patch for your system to be up-to-date.");
     script_set_attribute(attribute: "see_also", value:
    "https://getupdates.oracle.com/readme/107115-20");
     script_set_attribute(attribute: "cvss_vector", value: "CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N");
     script_set_attribute(attribute:"plugin_publication_date", value: "2004/07/12");
     script_cvs_date("Date: 2018/08/13 14:32:38");
     script_set_attribute(attribute:"vuln_publication_date", value: "2005/06/15");
     script_end_attributes();
    
     script_summary(english: "Check for patch 107115-20");
     script_category(ACT_GATHER_INFO);
     script_copyright(english:"This script is Copyright (C) 2004-2018 Tenable Network Security, Inc.");
     family["english"] = "Solaris Local Security Checks";
     script_family(english:family["english"]);
     
     script_dependencies("ssh_get_info.nasl");
     script_require_keys("Host/Solaris/showrev");
     exit(0);
    }
    
    
    
    # Deprecated.
    exit(0, "The associated patch is not currently a recommended security fix.");
    
    include("solaris.inc");
    
    e +=  solaris_check_patch(release:"5.7", arch:"sparc", patch:"107115-20", obsoleted_by:"", package:"SUNWpcu", version:"13.1,REV=1998.09.01.04.16");
    e +=  solaris_check_patch(release:"5.7", arch:"sparc", patch:"107115-20", obsoleted_by:"", package:"SUNWpsf", version:"13.1,REV=1998.09.01.04.16");
    e +=  solaris_check_patch(release:"5.7", arch:"sparc", patch:"107115-20", obsoleted_by:"", package:"SUNWpsu", version:"13.1,REV=1998.09.01.04.16");
    e +=  solaris_check_patch(release:"5.7", arch:"sparc", patch:"107115-20", obsoleted_by:"", package:"SUNWscplp", version:"13.1,REV=1998.09.01.04.16");
    if ( e < 0 ) { 
    	if ( NASL_LEVEL < 3000 ) 
    	   security_warning(0);
    	else  
    	   security_warning(port:0, extra:solaris_get_report());
    	exit(0); 
    } 
    exit(0, "Host is not affected");
    
  • NASL familySolaris Local Security Checks
    NASL idSOLARIS9_X86_114980.NASL
    descriptionSunOS 5.9_x86: lp Patch. Date this patch was last updated by Sun : Nov/30/10
    last seen2016-09-26
    modified2015-01-15
    plugin id13619
    published2004-07-12
    reporterTenable
    sourcehttps://www.tenable.com/plugins/index.php?view=single&id=13619
    titleSolaris 9 (x86) : 114980-31
    code
    #%NASL_MIN_LEVEL 999999
    
    # @DEPRECATED@
    #
    # This script has been deprecated as the associated patch is not
    # currently a recommended security fix.
    #
    # Disabled on 2011/09/17.
    
    #
    # (C) Tenable Network Security, Inc.
    #
    #
    
    if ( ! defined_func("bn_random") ) exit(0);
    include("compat.inc");
    
    if(description)
    {
     script_id(13619);
     script_version("1.46");
    
     script_name(english: "Solaris 9 (x86) : 114980-31");
     script_cve_id("CVE-2005-2032", "CVE-2005-4797", "CVE-2009-2972");
     script_set_attribute(attribute: "synopsis", value:
    "The remote host is missing Sun Security Patch number 114980-31");
     script_set_attribute(attribute: "description", value:
    'SunOS 5.9_x86: lp Patch.
    Date this patch was last updated by Sun : Nov/30/10');
     script_set_attribute(attribute: "solution", value:
    "You should install this patch for your system to be up-to-date.");
     script_set_attribute(attribute: "see_also", value:
    "https://getupdates.oracle.com/readme/114980-31");
     script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C");
     script_cwe_id(399);
     script_set_attribute(attribute:"plugin_publication_date", value: "2004/07/12");
     script_cvs_date("Date: 2018/08/13 14:32:38");
     script_set_attribute(attribute:"vuln_publication_date", value: "2005/06/15");
     script_end_attributes();
    
     script_summary(english: "Check for patch 114980-31");
     script_category(ACT_GATHER_INFO);
     script_copyright(english:"This script is Copyright (C) 2004-2018 Tenable Network Security, Inc.");
     family["english"] = "Solaris Local Security Checks";
     script_family(english:family["english"]);
     
     script_dependencies("ssh_get_info.nasl");
     script_require_keys("Host/Solaris/showrev");
     exit(0);
    }
    
    
    
    # Deprecated.
    exit(0, "The associated patch is not currently a recommended security fix.");
    
    include("solaris.inc");
    
    e +=  solaris_check_patch(release:"5.9_x86", arch:"i386", patch:"114980-31", obsoleted_by:"114423-09 ", package:"SUNWcsr", version:"11.9.0,REV=2002.11.04.02.51");
    e +=  solaris_check_patch(release:"5.9_x86", arch:"i386", patch:"114980-31", obsoleted_by:"114423-09 ", package:"SUNWpcu", version:"13.1,REV=2002.11.04.02.51");
    e +=  solaris_check_patch(release:"5.9_x86", arch:"i386", patch:"114980-31", obsoleted_by:"114423-09 ", package:"SUNWppm", version:"11.9.0,REV=2002.11.04.02.51");
    e +=  solaris_check_patch(release:"5.9_x86", arch:"i386", patch:"114980-31", obsoleted_by:"114423-09 ", package:"SUNWpsf", version:"13.1,REV=2002.11.04.02.51");
    e +=  solaris_check_patch(release:"5.9_x86", arch:"i386", patch:"114980-31", obsoleted_by:"114423-09 ", package:"SUNWpsr", version:"13.1,REV=2002.11.04.02.51");
    e +=  solaris_check_patch(release:"5.9_x86", arch:"i386", patch:"114980-31", obsoleted_by:"114423-09 ", package:"SUNWpsu", version:"13.1,REV=2002.11.04.02.51");
    e +=  solaris_check_patch(release:"5.9_x86", arch:"i386", patch:"114980-31", obsoleted_by:"114423-09 ", package:"SUNWscplp", version:"13.1,REV=2002.11.04.02.51");
    if ( e < 0 ) { 
    	if ( NASL_LEVEL < 3000 ) 
    	   security_hole(0);
    	else  
    	   security_hole(port:0, extra:solaris_get_report());
    	exit(0); 
    } 
    exit(0, "Host is not affected");
    
  • NASL familySolaris Local Security Checks
    NASL idSOLARIS8_109320.NASL
    descriptionSunOS 5.8: lp patch. Date this patch was last updated by Sun : Nov/07/08
    last seen2020-06-01
    modified2020-06-02
    plugin id13319
    published2004-07-12
    reporterThis script is Copyright (C) 2004-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/13319
    titleSolaris 8 (sparc) : 109320-22
  • NASL familySolaris Local Security Checks
    NASL idSOLARIS8_X86_109321.NASL
    descriptionSunOS 5.8_x86: lp patch. Date this patch was last updated by Sun : Nov/07/08
    last seen2020-06-01
    modified2020-06-02
    plugin id13427
    published2004-07-12
    reporterThis script is Copyright (C) 2004-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/13427
    titleSolaris 8 (x86) : 109321-22