Note: This is an archival copy of Security Sun Alert 249306 as previously published on http://sunsolve.sun.com.|
Latest version of this security advisory is available from http://support.oracle.com as Sun Alert 1019934.1.
Solaris 10 Operating System
Date of Resolved Release
Security Vulnerabilities in the Solaris lpadmin(1M) and ppdmgr(1M) Utilities May Lead to a Denial of Service (DoS) Condition
Security vulnerabilities in the Solaris lpadmin(1M) and the ppdmgr(1M) print utilities may, under specific circumstances, allow local unprivileged users to cause a Denial of Service (DoS) to certain system services or to the system as a whole.
Sun acknowledges with thanks, Mike Gerdts for bringing these issues to our attention.
2. Contributing Factors
This issue can occur in the following releases:
1. Solaris 8 and 9 are not impacted by these issues.
2. Only OpenSolaris installations including the following affected executable scripts are impacted by this issue:
3. OpenSolaris distributions may include additional bug fixes above and beyond the base build from which it was derived. The base build can be derived as follows:
$ uname -v
There are no predictable symptoms to indicate these issues have been exploited to lead to a Denial of Service (DoS) condition.
There is no workaround for this issue. Please see the Resolution section below.
This issue is addressed in the following releases:
For more information on Security Sun Alerts, see 1009886.1.
Copyright 2000-2008 Sun Microsystems, Inc., 4150 Network Circle, Santa Clara, CA 95054 U.S.A. All rights reserved.
This solution has no attachment