Sun Security Blog
02 Nov 2009
Sun Alert 270408 Security Vulnerabilities in PostgreSQL Shipped with Solaris may Allow a Denial of Service (DoS) or Privilege Escalation
Product: Solaris 10, OpenSolaris

Security vulnerabilities affecting the PostgreSQL software shipped with Solaris may allow an authenticated PostgreSQL user to cause a denial of service (DoS) to the PostgreSQL server by "re-LOAD-ing" libraries from a certain plugins directory. However, the PostgreSQL versions shipped with Solaris do not include any plugins. In addition, an issue with the privileges for RESET ROLE and RESET SESSION AUTHORIZATION operations may allow any authenticated user to gain extra privileges.

These issues are described in the following documents:
Official PostgreSQL announcement at: http://www.postgresql.org/about/news.1135
CVE-2009-3229 at: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3229
CVE-2009-3230 at: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3230

Note: PostgreSQL is not compiled with LDAP support on Solaris. Solaris is not affected by CVE-2009-3231.

State: Resolved
First released: 26-Oct-2009
02 Nov 2009
Sun Alert 266348 Security Vulnerability in the w(1) Utility may Lead to Execution of Arbitrary Code
Product: Solaris 8, Solaris 9, Solaris 10, OpenSolaris

A heap overflow vulnerability in the w(1) utility may allow a local unprivileged user to execute arbitrary code with root privileges.

Sun acknowledges with thanks, Monarch Rich "1c239c43f521145fa8385d64a9c32243 http://unsecurityresearch.blogspot.com" for discovering and reporting this issue.

State: Resolved
First released: 10-Sep-2009
02 Nov 2009
Sun Alert 264730 A Security Vulnerability in Solaris Sockets Direct Protocol (SDP) Driver (sdp(7D)) may Allow Users to Exhaust Kernel Memory
Product: Solaris 10, OpenSolaris

A security vulnerability in the Solaris Sockets Direct Protocol (SDP) driver (sdp(7D)) may allow a local or remote unprivileged user to exhaust all kernel memory. This is a type of Denial of Service (DoS).

Note: No applications bundled with Solaris are affected by this issue; however, third-party applications which make use of SDP may be affected.

State: Resolved
First released: 02-Nov-2009