Category
Security
Release Phase
Resolved
ProductSun Java System Communications Services 6 Delegated Administrator 2005Q1
Bug Id
6318966
Date of Resolved Release05-DEC-2005
Impact
A Security Vulnerability in Communications Services Delegated Administrator 2005Q1 may allow a remote unauthorized user the ability to gain access to the Top-Level Administrator (TLA) default password.
Contributing Factors
This issue can occur in the following releases:
SPARC Platform
- Sun Java System Communications Services 6 Delegated Administrator 2005Q1 (for Solaris 8, 9, and 10) without patch 119777-09
x86 Platform
- Sun Java System Communications Services 6 Delegated Administrator 2005Q1 (for Solaris 8, 9, and 10) without patch 119778-09
Linux Platform
- Sun Java System Communications Services 6 Delegated Administrator 2005Q1 (for RHEL2.1 and RHEL3.0) without patch 119779-09
Note: Solaris 8 for the x86 platform is not affected by this issue.
To determine if Sun Java Communications Services Delegated Administrator 2005Q1 is installed on a system, the following command can be used:
% pkgparam -v SUNWcomis | grep SUNW_PRODVERS
SUNW_PRODVERS=' 6.2-0.10'
Symptoms
There are no predictable symptoms that would indicate the described issue has been exploited.
Workaround
To work around the described issue, remove the "configure_toplevel_admin.ldif" file in the "config" directory. This is used only during configuration and is not needed afterwards.
Resolution
This issue is addressed in the following releases:
SPARC Platform
- Sun Java System Communications Services 6 Delegated Administrator 2005Q1 (for Solaris 8, 9, and 10) with patch 119777-09 or later
x86 Platform
- Sun Java System Communications Services 6 Delegated Administrator 2005Q1 (for Solaris 8, 9, and 10) with patch 119778-09 or later
Linux Platform
- Sun Java System Communications Services 6 Delegated Administrator 2005Q1 (for RHEL2.1 and RHEL3.0) with patch 119779-09 or later
Modification History
Date: 12-DEC-2005
Date: 21-DEC-2005
- Added note to Contributing Factors section
References
119779-09
119778-09
119777-09
AttachmentsThis solution has no attachment