Sun Microsystems patched a number of vulnerabilities in Solaris 8, 9 and 10 over the past few days. Three stack-based buffer overflows in the SAMBA 3.0 code in Solaris 9 and 10 were patched. These three vulnerabilities could have allowed a remote user to inject code through SAMBA requests across a network. The patch for these vulnerabilities is available now. A second patch also can be obtained online. Additionally, Sun issued patches for Solaris 8, 9 and 10 that fix a hole in Crontab. Malicious users could potentially escalate their privileges on a system by creating race conditions in the Crontab utility. A fix is available.
--Alex Handy
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment