Skip to main content

Oracle Solaris Multiple Vulnerabilities

Last Update Date: 20 Oct 2011 11:26 Release Date: 20 Oct 2011 5738 Views

RISK: High Risk

TYPE: Operating Systems - Sun Solaris

TYPE: Sun Solaris

Multiple vulnerabilities have been reported in Oracle Solaris, which can be exploited by malicious, local users to disclose potentially sensitive information, manipulate certain data, and by malicious people to cause a DoS and potentially compromise a vulnerable system. These issues are caused by the errors in the following components/functions:

  • LDAP library
  • iSCSI DataMover (IDM) component
  • Process File System (procfs) component
  • Network Status Monitor (statd(1M)) component
  • Remote Quota Server (rquotad(1M)) component
  • Kernel/Filesystem component
  • Kernel/Performance Counter BackEnd Module (pcbe) component
  • ZFS component
  • Network Services Library (libnsl(3LIB)) component
  • xscreensaver component
  • ZFS component
  • DTrace Software Library (libdtrace(3LIB)
  • Zones component

Impact

  • Denial of Service
  • Remote Code Execution
  • Information Disclosure
  • Data Manipulation

System / Technologies affected

  • Oracle Solaris 11 Express
  • Sun Solaris 10.x
  • Sun Solaris 8
  • Sun Solaris 9

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.


Vulnerability Identifier


Source


Related Link