Note: This is an archival copy of Security Sun Alert 253889 as previously published on http://sunsolve.sun.com.
Latest version of this security advisory is available from http://support.oracle.com as Sun Alert 1020190.1.
Sun Ray Server Software 4.0
Date of Resolved Release
Two Security Vulnerabilities in Sun Ray Server Software 4.0 on Systems with Trusted Extensions Enabled May Allow either a Denial of Service (DoS) of the Audio Service or Unauthorized Access to Other Users' Sessions
A security vulnerability in the Sun Ray Server Software (SRSS) utaudiod daemon audio service may allow a local unprivileged user to cause a denial of audio service or possibly to execute arbitrary code with the privileges of the utaudiod service. A second vulnerability, an information leak in the utaudiod daemon, may allow a local unprivileged user on a system with Trusted Extensions enabled to gain unauthorized access to the Sun Ray sessions of other users.
2. Contributing Factors
These issues can occur in the following releases:
1. Sun Ray Server Software 2.0, 3.0, 3.1, 3.1.1 and 4.1 are not affected by these issues.
To determine the version of Sun Ray Server Software on a system, the following command can be run:
$ /opt/SUNWut/lib/utprodinfo -p SUNWuto VERSION
2. These issues can only occur on systems with Trusted Extensions enabled.
To determine if a system is configured with Solaris Trusted Extensions, the following command can be run:
$ svcs /system/labeld
If the system is configured with Solaris Trusted Extensions, the "labeld" service will have an instance in the online state.
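The two checks above combined into one triage script, as an added example that is not part of the original Sun Alert. It assumes utprodinfo prints a pkgparam-style version string that begins with the release number; the function names are hypothetical.

```shell
#!/bin/sh
# Added example: triage a host against the two conditions in this advisory.
# Assumption: utprodinfo prints a pkgparam-style VERSION string; a sample
# such as "4.0_48,REV=2007.08.01.15.08" is constructed, not from the advisory.

# Reduce a VERSION string to major.minor, e.g. "4.0_48,REV=..." -> "4.0".
srss_release() {
    printf '%s\n' "$1" |
        sed -n 's/^[^0-9]*\([0-9][0-9]*\.[0-9][0-9]*\).*/\1/p' | head -1
}

# Succeed only if svcs output lists a labeld instance in the online state.
labeld_online() {
    printf '%s\n' "$1" | awk '
        $1 == "online" && $NF ~ /^svc:\/system\/labeld:/ { found = 1 }
        END { exit !found }'
}

# Combine both checks. $1 = utprodinfo output, $2 = svcs output.
triage() {
    rel=$(srss_release "$1")
    case "$rel" in
        4.0)
            if labeld_online "$2"; then
                echo "AFFECTED CONFIGURATION: SRSS 4.0, Trusted Extensions enabled"
            else
                echo "NOT EXPOSED: SRSS 4.0, labeld not online"
            fi ;;
        2.0|3.0|3.1|4.1)
            # 3.1.1 reduces to 3.1, which the advisory also lists as unaffected.
            echo "NOT AFFECTED: SRSS $rel" ;;
        *)
            echo "UNKNOWN: release '$rel' is not listed in this advisory" ;;
    esac
}

# Live use, with the path and commands given in the advisory.
if [ -x /opt/SUNWut/lib/utprodinfo ]; then
    triage "$(/opt/SUNWut/lib/utprodinfo -p SUNWuto VERSION 2>/dev/null)" \
           "$(svcs /system/labeld 2>/dev/null)"
fi
```

An "AFFECTED CONFIGURATION" verdict only means both contributing factors are present; it does not tell whether the fix from the Resolution section is already installed.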
There are no predictable symptoms that would indicate the described vulnerabilities have been exploited.
There is no workaround for these issues. Please see the Resolution section below.
These issues are addressed in the following releases:
Copyright 2000-2009 Sun Microsystems, Inc., 4150 Network Circle, Santa Clara, CA 95054 U.S.A. All rights reserved.