Oval Definition:oval:org.mitre.oval:def:8272
Revision Date:2007-09-10Version:16
Title:Security Vulnerability in rm(1) may Lead to Unauthorized Deletion of Files or Directories
Description:Race condition in recursive directory deletion with the (1) -r or (2) -R option in rm in Solaris 8 through 10 before 20070208 allows local users to delete files and directories as the user running rm by moving a low-level directory to a higher level as it is being deleted, which causes rm to chdir to a ".." directory that is higher than expected, possibly up to the root file system, a related issue to CVE-2002-0435.
Family:unixClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2007-0895
Platform(s):Sun Solaris 10
Sun Solaris 8
Sun Solaris 9
Product(s):
Definition Synopsis
  • Solaris 8 (SPARC) meets Sun Alert 102782
  • Solaris 8 (SPARC) is installed
  • AND NOT Patch 124969-01 or later installed
  • OR Solaris 9 (SPARC) meets Sun Alert 102782
  • Solaris 9 (SPARC) is installed
  • AND NOT Patch 123372-02 or later installed
  • OR Solaris 10 (SPARC) meets Sun Alert 102782
  • Solaris 10 (SPARC) is installed
  • AND NOT Patch 124244-01 or later installed
  • OR Solaris 8 (x86) meets Sun Alert 102782
  • Solaris 8 (x86) is installed
  • AND NOT Patch 124970-01 or later installed
  • OR Solaris 9 (x86) meets Sun Alert 102782
  • Solaris 9 (x86) is installed
  • AND NOT Patch 123373-02 or later installed
  • OR Solaris 10 (x86) meets Sun Alert 102782
  • Solaris 10 (x86) is installed
  • AND NOT Patch 124245-01 or later installed
    • BACK