OSVDB ID: 55051

Title: Solaris Secure Digital Slot Driver Unspecified Local Privilege Escalation

Info

Disclosure

May 21, 2009

Discovery

Unknown

Dates

Exploit

Unknown

Solution

May 21, 2009

Description

Classification

Location: Local Access Required
Attack Type: Denial of Service, Input Manipulation
Impact: Loss of Integrity, Loss of Availability
Solution: Workaround, Patch / RCS
Disclosure: Vendor Verified

Solution

Sun has released a patch to address this issue. Additionally, it is possible to correct the flaw by implementing the following workaround(s): the Secure Digital slot driver (sdhost(7D)) can be disabled by running the following command as root: # remdrv sdhost

Products

Unknown or Incomplete

References

Security Tracker: 1022271
CVE ID: 2009-1763 (see also: NVD)
Bugtraq ID: 35069
ISS X-Force ID: 50687
Vendor Specific Solution URL: http://sunsolve.sun.com/search/document.do?assetkey=1-66-259408-1
Other Advisory URL: http://www.vupen.com/english/advisories/2009/1410

Credit

Unknown or Incomplete

Direct URL: http://osvdb.org/55051