微点交流论坛

标题: Sun Ray Device Manager Daemon操控数据和拒绝服务 [打印本页]

作者: pioneer 时间: 2007-12-24 09:25 标题: Sun Ray Device Manager Daemon操控数据和拒绝服务

来源

secunia.com

软件名

Sun Ray Server Software (SRSS) 2.x
Sun Ray Server Software (SRSS) 3.x

描述

这可被恶意的当前用户恶意操控特定数据或导致拒绝服务
Sun Ray Device Manager daemon (utdevmgrd(1M)) 中的不特定错误可在服务器上创建或删除任意目录或导致Device Manager daemon崩溃

该漏洞影响了2.0, 3.0, 3.1, 和3.1.1

解决方案

应用补丁或使 Sun Ray Device Manager daemon不可用（联系厂商获得更多信息）

-- SPARC Platform --
Sun Ray Server Software 3.1 (for Solaris 8, 9, and 10):
Apply patch 120879-07 or later.
http://sunsolve.sun.com/search/d ... id:1-21-120879-07-1

-- x86 Platform --
Sun Ray Server Software 3.1 (for Solaris 10):
Apply patch 120880-07 or later.
http://sunsolve.sun.com/search/d ... id:1-21-120880-07-1

-- Linux Platform --
Sun Ray Server Software 3.1:
Apply patch 120881-07 or later
http://sunsolve.sun.com/search/d ... id:1-21-120881-07-1

Sun Ray Server Software 3.1.1:
Apply patch 124388-02 or later.
http://sunsolve.sun.com/search/d ... id:1-21-124388-02-1

欢迎光临微点交流论坛 (http://bbs.micropoint.com.cn/)

bbs.micropoint.com.cn