Sun Security Blog
|
26 Jan 2010
Sun Alert 275790 A Security Vulnerability Exists if an OpenSolaris System was Joined to a Windows Domain Using kclient(1M) or smbadm(1M)
Product: OpenSolaris An insecure default configuration security vulnerability exists in theway the Kerberos client utility (kclient(1M)) and the CIFSconfiguration utility (smbadm(1M)) join a Windows Active Directorydomain. State: Resolved First released: 26-Jan-2010
Permalink
|
25 Jan 2010
Sun Alert 274990 Security Vulnerability in the Transport Layer Security (TLS) and Secure Sockets Layer 3.0 (SSLv3) Protocols Affects Multiple Server Products in the Sun Java Enterprise System Suite
Product: Sun Java System Web Server 6.1, Sun Java System Web Server 7.0, Sun Java System Web Proxy Server 4.0, Sun Java System Application Server Enterprise Edition 8.2, Sun GlassFish Enterprise Server v2.1 A security vulnerability in the in Transport Layer Security (TLS) andSecure Sockets Layer 3.0 (SSLv3) protocols in the handling of session renegotiations affects Network Security Services (NSS)libraries bundled with the following products: - Sun Java System Web Server - Sun Java System Web Proxy Server - Sun Java System Application Server - Sun GlassFish Enterprise Server Systems running these server applications are susceptible to aman-in-the-middle attack whereby a remote unauthenticated user with theability to intercept and control network traffic may sendunauthenticated request at the beginning of an HTTPS session that isprocessed retroactively by the server. The vulnerability does not allowone to decrypt the HTTPS responses or requests in the session. This issue is referenced in the following document: CVE-2009-3555 at http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555 Sun acknowledges with thanks, Marsh Ray and Steve Dispensa ofPhoneFactor for bringing this issue to our attention. Please also see SunAlert 273350 that describes this issue in NSS libraries providedwith Solaris and Sun Java System Enterprise System 5. State: Workaround First released: 07-Jan-2010
Permalink
|
22 Jan 2010
Sun Alert 273169 Security Vulnerability in BIND DNS Software Shipped With Solaris May Allow DNS Cache Poisoning
Product: Solaris 9, Solaris 10, OpenSolaris A security vulnerability in the BIND DNS software shipped with Solarismay allow a remote user who is able to perform recursive queries tocause a server that is configured to support DNSSEC validation andrecursive client queries to return incorrect addresses for Internethosts, thereby redirecting end users to unintended hosts or services. This issue is also mentioned in the following documents:
State: Workaround First released: 24-Nov-2009
Permalink
|
21 Jan 2010
Sun Alert 275890 Multiple Security Vulnerabilities in BIND DNSSEC Software Shipped With Solaris May Cause Bogus NXDOMAIN Responses
Product: Solaris 9, Solaris 10, OpenSolaris Multiple security vulnerabilities have been identified in BINDDNSSEC bundled with Solaris: 1. An authentication security vulnerability in named(1M) may allow aremote unprivileged user to cause named(1M) to return incorrectaddresses for Internet hosts, thereby redirecting end users tounintended hosts or services. This issue is also referenced in the following documents: US-CERT Vulnerability Note VU#418861 athttp://www.kb.cert.org/vuls/id/418861 CVE-2009-4022 at http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4022 2. A vulnerability in the way named(1M) handles recursive clientqueries may allow a remote unprivileged user to cause named(1M) toreturn NXDOMAIN (Non-Existent Domain) for Internet hosts thus causing aDenial of Service (DoS) for those hosts to end users. This issue is also referenced in the following documents: US-CERT Vulnerability Note VU#360341 athttp://www.kb.cert.org/vuls/id/360341 CVE-2010-0097 at http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0097 Also at https://www.isc.org/advisories/CVE-2010-0097 State: Workaround First released: 21-Jan-2010
Permalink
|
20 Jan 2010
Sun Alert 270268 Multiple Integer Overflow Vulnerabilities in the FreeType 2 Font Engine May Lead to a Denial of Service (DoS) or Allow Execution of Arbitrary Code
Product: Solaris 8, Solaris 9, Solaris 10, OpenSolaris Multiple integer overflow vulnerabilities in the FreeType 2 Font Library State: Preliminary First released: 26-Oct-2009
Permalink
|
20 Jan 2010
Sun Alert 275711 Security Vulnerability in the Sun Java System Directory Server May Allow Crafted LDAP Search Requests To Cause A Denial Of Service (DoS) Condition
Product: Sun Directory Server Enterprise Edition, Sun Java System Directory Server Enterprise Edition 6.3, Sun Java System Directory Server Enterprise Edition 6.2, Sun Java System Directory Server Enterprise Edition 6.1, Sun Java System Directory Server Enterprise Edition 6.0, Sun Java System Directory Server 5.2 A security vulnerability in the Sun Java System Directory Server(ns-slapd and slapd.exe) may allow a remote unprivileged user to crashthe Directory Server process via crafted LDAP search requests, therebyleading to a Denial of Service (DoS) condition. State: Preliminary First released: 20-Jan-2010
Permalink
|
19 Jan 2010
Sun Alert 275530 Integer Overflow Security Vulnerability in AES and RC4 Decryption in the Solaris Kerberos Crypto Library May Lead to Execution of Arbitrary Code or a Denial of Service (DoS)
Product: Solaris 10, OpenSolaris An integer overflow security vulnerability in the Solaris Kerberos (see kerberos(5)) crypto library http://web.mit.edu/Kerberos/advisories/MITKRB5-SA-2009-004.txt CVE-2009-4212 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4212 State: Workaround First released: 12-Jan-2010
Permalink
|
19 Jan 2010
Sun Alert 274870 Security Vulnerabilities in PostgreSQL Shipped With Solaris May Allow Escalation of Privileges or Man-in-the-Middle on SSL Connections
Product: Solaris 10, OpenSolaris Multiple security vulnerabilities have been identified in thePostgreSQL software shipped with Solaris. These vulnerabilities mayallow a remote authenticated user with certain privileges to gain extraprivileges via a table with a crafted index function. Furthervulnerabilities may allow man-in-the-middle attacks on SSL basedPostgreSQL servers by substituting malicious SSL certificates fortrusted ones. These issues are described in the following documents: Official PostgreSQL annoucement at http://www.postgresql.org/about/news.1170 CVE-2009-4034 at http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4034 CVE-2009-4136 at http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4136 State: Resolved First released: 24-Dec-2009
Permalink
|
19 Jan 2010
Sun Alert 267088 Multiple Security Vulnerabilities in Solaris TCP (see tcp(7P)) Implementation May Lead to a Denial of Service (DoS) Condition
Product: Solaris 8, Solaris 9, Solaris 10, OpenSolaris Multiple security vulnerabilities exist in the Solaris TCP (seetcp(7P)) implementation due to the lack of resource control mechanisms.These issues may allow a remote privileged user with real IP addressesor subnet to easily cause certain network services on the affectedsystem to become unresponsive, which is a type of Denial of Service(DoS). The extent of the impact depends on the network application. These issues are also referenced in the following documents: CERT-FI Advisory on the Outpost24 TCP Issues [FICORA #193744] at https://www.cert.fi/haavoittuvuudet/2008/tcp-vulnerabilities.html CVE CVE-2008-4609 at http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4609 US-CERT VU#723308 at http://www.kb.cert.org/vuls/id/723308 Sun acknowledges with thanks, Jack C. Louis and Robert E. Lee ofOutpost24, and CERT-FI for bringing these issues to our attention. State: Workaround First released: 09-Sep-2009
Permalink
|
13 Jan 2010
Sun Alert 275590 A Security Vulnerability in the ntp Daemon (xntpd(1M)) May Lead to a Denial of the Solaris Network Time Protocol(NTP) Service
Product: Solaris 8, Solaris 9, Solaris 10, OpenSolaris A Security Vulnerability in the ntp Daemon (xntpd(1M)) associatedwith the handling US-CERT Vulnerability Note VU#568372 at http://www.kb.cert.org/vuls/id/568372 State: Workaround First released: 13-Jan-2010
Permalink
|
Comments [1]
11 Jan 2010
Sun Alert 272489 Security Vulnerability in the OSCAR Protocol Plugin for pidgin(1) may Lead to a Denial of Service (DoS) Condition
Product: Solaris 10, OpenSolaris A security vulnerability in the the OSCAR protocol pluginlibrary, the shared library that adds support for various instantmessaging networks to the pidgin(1) Instant Messaging client(previously known as Gaim), may allow remote unprivileged users tocause a Denial of Service (DoS) through an application crash viacrafted contact-list data for (1) ICQ and possibly (2) AIM. This issue is also referenced in the following document: CVE-2009-3615 at: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3615 State: Resolved First released: 10-Nov-2009
Permalink
|
11 Jan 2010
Sun Alert 275010 Security Vulnerability in Identity Manager 8.1.0.5 and 8.1.0.6 Configured with Sun Java System Access Manager, OpenSSO Enterprise 8.0 or IBM Tivoli Access Manager
Product: Sun Identity Manager 8.1 A security vulnerability in the Sun Java System Identity Manager may allow a local or remote unprivileged user to gain unauthorized access with all administrator privileges when Identity Manager is configured with Sun Java System Access Manager, OpenSSO Enterprise 8.0 or IBM Tivoli Access Manager. State: Resolved First released: 11-Jan-2010
Permalink
|
11 Jan 2010
Sun Alert 274390 An Integer Overflow Vulnerability in GIMP(1) May Lead to Denial of Service (DoS) or Execution of Arbitrary Code
Product: Solaris 10, OpenSolaris An integer overflow vulnerability in the GNU Image ManipulationProgram This issue is also described in the following document: State: Resolved First released: 15-Dec-2009
Permalink
|
11 Jan 2010
Sun Alert 275410 A Security Vulnerability in Solaris Trusted Extensions due to Missing Libraries may Allow Privilege Escalation
Product: Solaris 10 A security vulnerability in Solaris Trusted Extensions due to librarieswhich were not delivered with the Trusted Extensions may allow a localprivileged user to run arbitrary code with elevated privileges. State: Resolved First released: 11-Jan-2010
Permalink
|
11 Jan 2010
Sun Alert 273570 Multiple Buffer and Integer Overflow Vulnerabilities in Python (python(1)) May Lead to a Denial of Service (DoS) or Allow Execution of Arbitrary Code
Product: Solaris 10, OpenSolaris Multiple buffer and integer overflow vulnerabilities in Python (seepython(1)) may allow a local or remote unprivileged user to execute arbitrary code with the privileges of the Python application or crash aPython application resulting in a Denial of Service (DoS). These issues are also referenced in the following documents: CVE-2007-4965 at http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4965 CVE-2008-1679 at http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1679 CVE-2008-1721 at http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1721 CVE-2008-2315 at http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2315 State: Resolved First released: 03-Dec-2009
Permalink
|
|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||