Note: This is an archival copy of Security Sun Alert 201166 as previously published on http://sunsolve.sun.com.|
Latest version of this security advisory is available from http://support.oracle.com as Sun Alert 1000880.1.
Solaris 9 Operating System
Solaris 7 Operating System
Solaris 8 Operating System
Date of Resolved Release
A local unprivileged user may be able to load their own Generic Security Service Application Program Interface (GSS-API) when a privileged GSS-API application is installed which utilizes the libgss(3LIB) library.
Note: Sun does not ship any privileged applications which link to the libgss(3LIB) library and thus no Sun applications are affected by this issue.
This issue can occur in the following releases:
There are no predictable symptoms that would indicate the described issue has been exploited.
There is no workaround. Please see the "Resolution" section below.
This issue is addressed in the following releases:
This solution has no attachment