Note: This is an archival copy of Security Sun Alert 200876 as previously published on http://sunsolve.sun.com.|
Latest version of this security advisory is available from http://support.oracle.com as Sun Alert 1000665.1.
Solaris 10 Operating System
Date of Resolved Release
Two Security Vulnerabilities in Solaris Trusted Extensions label daemon (labeld) may allow a local unprivileged user to stop Trusted Extensions services from running on a system. When this occurs, all existing Trusted Desktop sessions would hang and unprivileged users may not be able to log in to the affected trusted system. This creates a Denial of Service (DoS) condition.
This issue can occur in the following releases:
Note: Solaris 8 and Solaris 9 are not impacted by these issues.
To determine if a system is configured with Trusted Extensions, the following command can be run:
$ svcs /system/labeld STATE STIME FMRI online 07:08:09 svc:/system/labeld:default
If the state is disabled or if "/system/labeld" service is not listed, then the system is not configured to use Trusted Extensions.
Should the described issue occur, a Trusted Extensions service "svc:/system/labeld" would be in a "maintenance" state.
To determine the state of the "labeld" service, the following command can be run:
$ svcs /system/labeld STATE STIME FMRI maintenance 07:08:09 svc:/system/labeld:default
There is no workaround. Please see the Resolution section below.
This issue is addressed in the following releases:
This solution has no attachment