Monday, June 2, 2008

Sun Patches Solaris

Sun Microsystems patched a number of vulnerabilities in Solaris 8, 9 and 10 over the past few days. Three stack-based buffer overflows in the SAMBA 3.0 code in Solaris 9 and 10 were patched. These three vulnerabilities could have allowed a remote user to inject code through SAMBA requests across a network. The patch for these vulnerabilities is available now. A second patch also can be obtained online. Additionally, Sun issued patches for Solaris 8, 9 and 10 that fix a hole in Crontab. Malicious users could potentially escalate their privileges on a system by creating race conditions in the Crontab utility. A fix is available.

--Alex Handy

No comments: