Oracle Solaris Multiple Vulnerabilities

Last Update Date: 21 Jul 2011 10:21 Release Date: 21 Jul 2011 6508 Views

RISK: High Risk

High Risk

TYPE: Operating Systems - Sun Solaris

TYPE: Sun Solaris

Multiple vulnerabilities have been reported in Oracle Solaris, which can be exploited by malicious and local users to cause a DoS (Denial of Service), gain escalated privileges or potentially compromise a vulnerable system.

  1. An unspecified error in fingerd can be exploited to cause the system to hang or crash via specially crafted requests.
  2. An unspecified error in the SSH component can be exploited to potentially compromise a vulnerable system.
  3. An unspecified error in the Installer, rksh and Trusted Extensions component can be exploited to gain escalated privileges.
  4. An unspecified error in the TCP/IP implementation can be exploited by authenticated users to crash the system.
  5. An unspecified error in the SSH and KSSL component can be exploited to cause the service to stop responding or crash.
  6. An unspecified error in the Kernel/SCTP, Kernel/sockfs, UFS, Zones and Driver/USB component can be exploited to cause a local DoS.
  7. An unspecified error in the LiveUpgrade component can be exploited to manipulate certain data or cause a local DoS.

Impact

  • Denial of Service
  • Elevation of Privilege
  • Remote Code Execution

System / Technologies affected

  • Oracle Solaris versions 8, 9, 10, and 11 Express

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

Vulnerability Identifier

Source

Related Link

Share with

Previous

Google Picasa JPEG Image Processing Code Execution Vulnerability

21 Jul 2011 6365 Views

Next

Foxit Reader ActiveX Control "OpenFile()" Buffer Overflow Vulnerability

22 Jul 2011 6596 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY