漏洞标题
N/A
漏洞描述信息
在Sun OpenSolaris snv_51throughsnv_130中,hald在未指定尝试写入 audit log 时不具有 proc_audit 权限,这使得物理接近的攻击者更容易避免对支持硬件抽象层(HAL)规范的连接硬件设备集合的改变进行检测。
CVSS信息
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
漏洞类别
N/A
漏洞标题
N/A
漏洞描述信息
hald in Sun OpenSolaris snv_51 through snv_130 does not have the proc_audit privilege during unspecified attempts to write to the auditing log, which makes it easier for physically proximate attackers to avoid detection of changes to the set of connected hardware devices supporting the Hardware Abstraction Layer (HAL) specification.
CVSS信息
N/A
漏洞类别
N/A
漏洞标题
Sun OpenSolaris snv_51到snv_130中安全绕过漏洞
漏洞描述信息
Sun OpenSolaris snv_51到snv_130中的hald在试图写入审计日志的过程中并不拥有proc_audit特权,这使得攻击者更易于绕开检测,更改支持Hardware Abstraction Layer (HAL)说明书的连接的硬件的设置。
CVSS信息
N/A
漏洞类别
授权问题