Note: This is an archival copy of Security Sun Alert 200467 as previously published on http://sunsolve.sun.com.|
Latest version of this security advisory is available from http://support.oracle.com as Sun Alert 1000345.1.
Solaris 10 Operating System
Date of Resolved Release
A local unprivileged user may be able to bypass the system's routing table and direct packets on a per-socket basis to or through an on-link router other than the one defined by the system. This could allow a user to send data to hosts and services that may not be ordinarily reachable and/or bypass a firewall.
This issue can occur in the following releases:
There are no reliable symptoms that would indicate the described issue has been exploited to bypass the routing table on a system.
There is no workaround for this issue. Please see the Resolution section below.
This issue is addressed in the following releases:
This solution has no attachment