TechTarget

Sun patches two Solaris security holes

Sun Microsystems released a patch this week that closed two security holes in its Solaris operating system. The holes could have...

Sun Microsystems released a patch this week that closed two security holes in its Solaris operating system. The holes could have allowed an attacker to take control of vulnerable systems.

The vulnerabilities affect the snmpdx and mibiisa agents that are components of versions 2.6, 7 and 8 of the company's Solaris operating system, according to an alert from Sun.

The two affected agents both run with root privileges, the highest level of access on systems and are part of the OS's Simple Network Management Protocol (SNMP) capabilities.

The capabilities allow for device configuration and administration. The snmpdx agent monitors SNMP requests and information from the system and forwards relevant information on to mibiisa.

The vulnerabilities come in the form of a format string vulnerability in snmpdx and a buffer overflow in mibiisa. Both vulnerabilties can be exploited locally and remotely, the company said.

The flaw is mitigated because the vulnerabilities only exist on systems running Sun Solstice Enterprise Master Agent, snmpdx and mibiisa, Sun added.

Patches for the affected operating systems are available at http://sunsolve.sun.com/securitypatch.

CW+

Features

Enjoy the benefits of CW+ membership, learn more and join.

Read more

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close