Skip to main content

Sun Products Multiple Vulnerabilities

Last Update Date: 28 Jan 2011 Release Date: 16 Jul 2010 5540 Views

RISK: Medium Risk

Multiple vulnerabilities have been identified in various Sun products, which could be exploited by remote or local attackers to cause a denial of service, read and manipulate certain data, disclose sensitive information, bypass security restrictions, or execute arbitrary code.

These issues are caused by errors in the ToolTalk, FTP Server, rdist, Administration Server, ZFS, Mail, Calendar, Address Book, and Instant Messaging, GigaSwift Ethernet Driver, TCP/IP, Kernel/VM, Kernel/Filesystem, Authentication, Kernel/RPC, Metro Web Services, Install Software, NFS, Solaris Management Console and the GUI components.


Impact

  • Denial of Service
  • Remote Code Execution
  • Security Restriction Bypass
  • Information Disclosure

System / Technologies affected

  • Sun Solaris 8
  • Sun Solaris 9
  • Sun Solaris 10
  • Sun OpenSolaris
  • Sun Java System Web Proxy Server version 4.0.13 and prior
  • Sun Convergence version 1.0 and prior
  • Sun Access Manager version 7.1
  • Sun Access Manager version 7 2005Q4
  • Sun OpenSSO Enterprise version 8.0
  • Sun Solaris Studio version 12 update 1 and prior
  • Sun Java System Application Server version 8.0
  • Sun Java System Application Server version 8.1
  • Sun Java System Application Server version 8.2
  • GlassFish Enterprise Server version 2.1.1 and prior

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

Apply patches:
http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujul2010.html


Vulnerability Identifier


Source