Published: 1993-10-01 00:00:00
Revised: 2017-10-09 21:29:02

[Original] The permissions for the /dev/audio device on Solaris 2.2 and earlier, and SunOS 4.1.x, allow any local user to read from the device, which could be used by an attacker to monitor conversations happening near a machine that has a microphone.

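[CNNVD] Solaris and SunOS /dev/audio permission vulnerability (CNNVD-199310-001)

        The permissions of the /dev/audio device in Solaris 2.2 and earlier and in SunOS 4.1.x are flawed. Any local user can read from the device, and an attacker can monitor conversations near a machine that has a microphone.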

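- CVSS (base score)

CVSS score: 2.1 [LOW]
Confidentiality impact: PARTIAL [information disclosure is likely]
Integrity impact: NONE [no impact on system integrity]
Availability impact: NONE [no impact on system availability]
Attack complexity: LOW [no access restrictions on exploitation]
Attack vector: LOCAL [exploitation requires physical access or a local account]
Authentication: NONE [exploitation requires no authentication]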

- CPE (affected platforms and products)

cpe:/o:sun:sunos  Sun SunOS (formerly Solaris)
cpe:/o:sun:sunos:4.1  Sun SunOS 4.1
cpe:/o:sun:sunos:5.0  Sun Microsystems Solaris 2.0

- OVAL (technical details for detection)


- Official database links
(Official source) MITRE
(Official source) NVD
(Official source) CNNVD

- Other links and resources
(UNKNOWN)  XF  sun-audio(549)

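- Vulnerability information

Solaris and SunOS /dev/audio permission vulnerability
Low risk  Unknown
1993-10-01 00:00:00 2005-05-02 00:00:00
        The permissions of the /dev/audio device in Solaris 2.2 and earlier and in SunOS 4.1.x are flawed. Any local user can read from the device, and an attacker can monitor conversations near a machine that has a microphone.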

- Advisories and patches


- Vulnerability information

Solaris /dev/audio World Read Permission
Local Access Required Information Disclosure
Loss of Confidentiality
Exploit Unknown

- Vulnerability description

The Solaris / SunOS device file /dev/audio contains a flaw that may lead to unauthorized information disclosure. The issue is triggered when a local user accesses the device, allowing a third party to listen to conversations in the same room as the compromised workstation. This may result in a loss of confidentiality.

- Timeline

1993-10-01 Unknown
1993-10-01 Unknown

- Solution

Currently, there are no known upgrades or patches to correct this issue. It is possible to correct the flaw by implementing the following workaround(s): As a superuser, change the permissions and owner of /dev/audio and /dev/audioctl. Each user who wants access to the device will need to have ownership of those two files. To restrict access to the audio devices using the SunOS 4.1.x /etc/fstab file, append the following text:

        /dev/console 0600 /dev/audio
        /dev/console 0600 /dev/audioctl

- Related references

- Vulnerability author