A security vulnerability in the "/opt/lanman/sbin/slsmgr" command in PC NetLink 2.0 may allow files to be opened insecurely, which could allow an unprivileged local user the ability to write to the filesystem with the permissions of the user running "slsmgr." If "slsmgr" is run as "root," it may allow a local unprivileged user to gain elevated privileges on the system and run arbitrary commands.

This issue can occur in the following release:

SPARC Platform

• PC NetLink 2.0 (for Solaris 7, 8 and 9) without patch 121209-01

Notes:

1. Solaris for x86 is not affected by this issue.
2. Solaris 10 is not affected by this issue.
3. PC NetLink 1.0, 1.1 and 1.2 are not affected by this issue.

To determine the version of PC NetLink on a system, the following command can be run:

    $ /opt/lanman/bin/net version
    Solaris (TM) PC NetLink, Version 2.0,REV=2.0.xx
    UNIX Systems Server

To determine if the SUNWlzag package (for slsmgr) is installed on a system, the following command can be run:

    $ pkginfo -l SUNWlzag
      PKGINST:  SUNWlzag
         NAME:  Solaris (TM) PC NetLink Adm GUI
     CATEGORY:  system
         ARCH:  sparc
      VERSION:  2.0,REV=rr24
      BASEDIR:  /
       VENDOR:  Sun Microsystems, Inc.
         DESC:  Solaris (TM) PC NetLink Administration Java GUI components

There are no predictable symptoms that would indicate the described issue has been exploited.

There is no workaround for this issue. Please see the "Resolution" section below.

This issue is addressed in the following release:

SPARC Platform

• PC NetLink 2.0 (for Solaris 7, 8 and 9) with patch 121209-01 or later

This solution has no attachment