1. Skip to navigation
  2. Skip to content
  3. Skip to secondary-content

Where You Are

  1. Home
  2. Security
  3. Security Lab
  4. Latest Threats
  5. Vulnerability Descriptions
  6. SA33328

Sun SNMP Management Agent Insecure Temporary Files

Report ID: SA33328
Source: Secunia
Date of Discovery: 26.12.2008
Criticality: Low
Affects:
Sun SNMP Management Agent 1.x
Compromise From: Local system
Compromise Type: Privilege escalation

Summary

A security issue has been reported in Sun SNMP Management Agent, which can be exploited by malicious, local users to perform certain actions with escalated privileges.

Detailed Description

A security issue has been reported in Sun SNMP Management Agent, which can be exploited by malicious, local users to perform certain actions with escalated privileges.

The problem is caused due to the agent using temporary files in an insecure manner. This can be exploited to overwrite arbitrary files via symlink attacks.

Solution

Update to version 1.5.5 or later (for Solaris 8, 9, and 10).
http://www.sun.com/download/