World and Group Write Permissions in Solaris WBEM Packages

World and Group Write Permissions in Solaris WBEM Packages

CVE-2002-1590 · HIGH Severity

AV:L/AC:L/AU:N/C:C/I:C/A:C

The Web-Based Enterprise Management (WBEM) packages (1) SUNWwbdoc, (2) SUNWwbcou, (3) SUNWwbdev and (4) SUNWmgapp packages, when installed using Solaris 8 Update 1/01 or later, install files with world or group write permissions, which allows local users to gain root privileges or cause a denial of service.

Learn more about our Web App Pen Testing.