|
Dominion SX Insecure File Permission Security Issues
|
|
Secunia Advisory:
|
SA15853
|
|
|
Release Date:
|
2005-06-29
|
|
Last Update:
|
2005-07-12
|
|
Popularity:
|
4,730 views
|
|
|
Critical:
|
Less critical
|
|
Impact:
|
Manipulation of data
Exposure of sensitive information
|
|
Where:
|
Local system
|
|
Solution Status:
|
Vendor Patch
|
|
| OS: | Dominion SX
|
|
|
Subscribe:
|
Instant alerts on relevant vulnerabilities 
|
|
| CVE reference: | CVE-2005-2136
|
|
Description:
Dirk Wetter has reported two security issues in Dominion SX, which can be exploited by malicious, local users to disclose sensitive information, cause a DoS (Denial of Service), and potentially gain escalated privileges.
1) The default file permission of "/etc/shadow" is set to world-readable, which makes it possible to gain knowledge of the root user's password hash.
2) The default file permission of "/bin/busybox" is set to world-writable. This can be exploited to move or delete the file and potentially execute arbitrary code with another user's privileges by replacing it with a malicious file.
The security issues have been reported in DSX4, DSX8, DSX16, DSX32, and DSXA-48.
Solution:
Apply updated firmware.
http://www.raritan.com/support/sup_upgrades.aspx
Provided and/or discovered by:
Dirk Wetter
Changelog:
2005-07-12: Added CVE reference.
|
|
|
Track this Secunia Advisory
|
Customers of the Secunia Vulnerability Intelligence solutions will automatically receive updates when new information regarding this advisory is released.
Read more about our Vulnerability Intelligence solutions and what they can do for you and your company.
|
|
|
About this Secunia Advisory
|
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.
Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
|
