Note: This is an archival copy of Security Sun Alert 200364 as previously published on http://sunsolve.sun.com.
Latest version of this security advisory is available from http://support.oracle.com as Sun Alert 1000257.1.
Date of Workaround Release
Date of Resolved Release
On systems running Sun Cluster 3.x with SunPlex Manager configured, a remote unprivileged user (who has obtained "root" privileges) may cause a Denial of Service (DoS) and arbitrary code execution due to multiple vulnerabilities in the OpenSSL implementation of the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols.
This issue is also described in CERT Vulnerability VU#104280 at http://www.kb.cert.org/vuls/id/104280, which is referenced in CERT Advisory CA-2003-26 at http://www.cert.org/advisories/CA-2003-26.html. Also see the NISCC Vulnerability Advisory 006489/TLS at http://www.uniras.gov.uk/vuls/2003/006489/tls.htm.
This issue can occur in the following releases:
To determine if SunPlex Manager is configured and running on a cluster node, run the following command:
$ /usr/bin/ps -fp `/usr/bin/cat /var/cluster/spm/httpd.pid`
If the output is similar to the following:
UID        PID  PPID  C    STIME TTY      TIME CMD
root      2907     1  0   Nov 19 ?        0:02 /usr/apache/bin/httpd -DSSL -f /opt/SUNWscvw/conf/httpd.conf
then SunPlex Manager is running on this cluster node. If the above command returns no process information or an error, SunPlex Manager is not running on this cluster node.
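The check above can be scripted so that it distinguishes the cases the ps command silently folds together: pid file absent, pid file present but unreadable or malformed, pid file pointing at a process that no longer exists (a stale file left after a crash), and the httpd actually running. The script below is an added example written for this archival page, not Sun's code; it assumes the pid file path /var/cluster/spm/httpd.pid named in the alert and takes the path as a parameter so it can be exercised on any host. It uses /proc where available and falls back to kill -0, so it does not depend on ps output format.

```shell
#!/bin/sh
# Added example (not Sun's code): report the state of SunPlex Manager's httpd
# from its pid file. Path below is the one the Sun Alert names.
SPM_PIDFILE_DEFAULT=/var/cluster/spm/httpd.pid

# spm_status [PIDFILE]
# Prints one of: "running <pid>", "stale <pid>", "absent", "malformed".
# Exit status: 0 running, 1 absent, 2 malformed, 3 stale.
spm_status() {
    pidfile=${1:-$SPM_PIDFILE_DEFAULT}
    if [ ! -r "$pidfile" ]; then
        echo absent
        return 1
    fi
    # First line only, whitespace stripped; anything non-numeric is malformed.
    pid=$(head -n 1 "$pidfile" | tr -d '[:space:]')
    case $pid in
        ''|*[!0-9]*) echo malformed; return 2 ;;
    esac
    # /proc covers Linux hosts; kill -0 covers Solaris and other systems.
    # kill -0 also succeeds (or fails with EPERM, still alive) for root-owned
    # processes, so a live httpd is reported as running either way.
    if [ -d "/proc/$pid" ] || kill -0 "$pid" 2>/dev/null; then
        echo "running $pid"
        return 0
    fi
    echo "stale $pid"
    return 3
}

# Stand-alone use: check the real pid file and exit with the status code.
if [ "${0##*/}" = "spm_status.sh" ]; then
    spm_status "$@"
fi
```

A result of "running <pid>" is the condition the alert's workaround addresses; "stale <pid>" means the pid file survived but the httpd did not, which the plain ps check reports only as an empty listing.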
There are no predictable symptoms that would indicate the above described issue has been exploited.
To work around the described issue, systems can be protected by stopping SunPlex Manager completely with the following command:
$ /etc/init.d/initspm stop
This issue is addressed in the following releases:
Sun Cluster 3.1