Skip to main content

Sun Solaris and JES Network Security Services Buffer Overflow Vulnerability

Last Update Date: 28 Jan 2011 Release Date: 15 Oct 2009 6247 Views

RISK: Medium Risk

A vulnerability has been identified in Sun Solaris and Sun Java Enterprise System, which could be exploited by attackers to compromise a vulnerable system. This issue is caused by an error in Network Security Services (NSS).


Impact

  • Remote Code Execution

System / Technologies affected

  • Sun Solaris 9
  • Sun Solaris 10
  • Sun Java Enterprise System 2005Q4
  • Sun Java Enterprise System 5

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

Sun Solaris 9 (SPARC) - Apply patch 119211-21 or later:
http://sunsolve.sun.com/search/document.do?assetkey=urn:cds:docid:1-21-119211-21-1

Sun Solaris 10 (SPARC) - Apply patch 119213-20 or later:
http://sunsolve.sun.com/search/document.do?assetkey=urn:cds:docid:1-21-119213-20-1

Sun Java Enterprise System 2005Q4 (for Solaris 8 / SPARC) - Apply patch 119209-21 or later:
http://sunsolve.sun.com/search/document.do?assetkey=urn:cds:docid:1-21-119209-21-1

Sun Java Enterprise System 2005Q4 (for Solaris 9 / SPARC) - Apply patch 119211-21 or later:
http://sunsolve.sun.com/search/document.do?assetkey=urn:cds:docid:1-21-119211-21-1

Sun Java Enterprise System 2005Q4 (for Solaris 10 / SPARC) - Apply patch 119213-20 or later:
http://sunsolve.sun.com/search/document.do?assetkey=urn:cds:docid:1-21-119213-20-1

Sun Java Enterprise System 5 (SPARC) - Apply patch 125358-09 or later:
http://sunsolve.sun.com/search/document.do?assetkey=urn:cds:docid:1-21-125358-09-1

Sun Solaris 9 (x86) - Apply patch 119212-21 or later:
http://sunsolve.sun.com/search/document.do?assetkey=urn:cds:docid:1-21-119212-21-1

Sun Solaris 10 (x86) - Apply patch 119214-20 or later:
http://sunsolve.sun.com/search/document.do?assetkey=urn:cds:docid:1-21-119214-20-1

Sun Java Enterprise System 2005Q4 (for Solaris 9 / x86) - Apply patch 119212-21 or later:
http://sunsolve.sun.com/search/document.do?assetkey=urn:cds:docid:1-21-119212-21-1

Sun Java Enterprise System 2005Q4 (for Solaris 10 / x86) - Apply patch 119214-20 or later:
http://sunsolve.sun.com/search/document.do?assetkey=urn:cds:docid:1-21-119214-20-1

Sun Java Enterprise System 5 (x86) - Apply patch 125359-09 or later:
http://sunsolve.sun.com/search/document.do?assetkey=urn:cds:docid:1-21-125359-09-1

Sun Java Enterprise System 2005Q4 and Sun Java Enterprise System 5 (for RHEL2.1 and RHEL3.0) - Apply patch 142506-02 or later:
http://sunsolve.sun.com/search/document.do?assetkey=urn:cds:docid:1-21-142506-02-1

Sun Java Enterprise System 5 (for RHEL4.0 and RHEL5.0) - Apply patch 121656-20 or later:
http://sunsolve.sun.com/search/document.do?assetkey=urn:cds:docid:1-21-121656-20-1

Sun Java Enterprise System 2005Q4 and Sun Java Enterprise System 5 (HP-UX) - Apply patch 124379-11 or later:
http://sunsolve.sun.com/search/document.do?assetkey=urn:cds:docid:1-21-124379-11-1

Sun Java Enterprise System 2005Q4 (Windows) - Apply patch 124392-10 or later:
http://sunsolve.sun.com/search/document.do?assetkey=urn:cds:docid:1-21-124392-10-1

Sun Java Enterprise System 5 (Windows) - Apply patch 125923-09 or later:
http://sunsolve.sun.com/search/document.do?assetkey=urn:cds:docid:1-21-125923-09-1


Vulnerability Identifier


Source


Related Link