Secunia Advisory: | SA28151 | |
Release Date: | 2007-12-19 | |
Critical: | Moderately critical | |
Impact: | Security Bypass | |
Where: | From local network | |
Solution Status: | Vendor Patch | |
Software: | Sun Management Center (SunMC) 3.x | |
Want to know the next time vulnerabilities are fixed in this product? - Companies can be alerted via email and SMS! |
A security issue has been reported in Sun Management Center, which can be exploited by malicious people to bypass certain security restrictions.
The problem is caused due to an existing default account within the Oracle database component and can be exploited to gain access to the database and execute arbitrary code with privileges of the Oracle database server.
The security issue is reported in Sun Management Center 3.6.1, 3.6, and 3.5 Update 1.
Solution:
Apply patches.
Sun MC 3.5 Update 1 (for Solaris 8):
Patch 118388-11 or later
http://sunsolve.sun.com/search/docume...setkey=urn:cds:docid:1-21-118388-11-1
Sun MC 3.5 Update 1 (for Solaris 9):
Patch 118389-12 or later
http://sunsolve.sun.com/search/docume...setkey=urn:cds:docid:1-21-118389-12-1
Sun MC 3.6 (for Solaris 8):
Patch 127380-01 or later
http://sunsolve.sun.com/search/docume...setkey=urn:cds:docid:1-21-127380-01-1
Sun MC 3.6 (for Solaris 9):
Patch 127381-01 or later
http://sunsolve.sun.com/search/docume...setkey=urn:cds:docid:1-21-127381-01-1
Sun MC 3.6 (for Solaris 10):
Patch 127383-01 or later
http://sunsolve.sun.com/search/docume...setkey=urn:cds:docid:1-21-127383-01-1
Sun MC 3.6.1 (for Solaris 8):
Patch 123920-04 or later
Sun MC 3.6.1 (for Solaris 9):
Patch 123921-04 or later
Sun MC 3.6.1 (for Solaris 10):
Patch 123923-04 or later
Original Advisory:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-103152-1
資料來源 http://secunia.com/advisories/28151/
全站熱搜
留言列表