Title: Sun Management Center Change Manager PamVerifier Buffer Overflow Vulnerability
Severity: CRITICAL
Description:
Sun Management Center Change Manager is a software package available for the Sun Solaris operating system. It is distributed and maintained by Sun.
A problem with Sun Management Center Change Manager may give a remote user unauthorized access to the system.
It has been reported that Sun Management Center (SunMC) Change Manager is vulnerable to a remote boundary condition error. Because of this, it may be possible for an attacker to gain administrative access to a system remotely.
The problem is in the pamverifier program. A buffer overrun in this program can result in the execution of code with the privileges of the administrative user. Because of this, an attacker could exploit this issue to compromise the administrative integrity of a vulnerable system.
It should be noted that SunMC Change Manager is an add-on component of SunMC, and is not installed with SunMC or on Solaris by default.
Affected Products:
- Sun SunMC Change Manager 1.0.0
References:
- Sun Microsystems: Sun Alert ID: 55160
Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.
