Note: This is an archival copy of Security Sun Alert 234304 as previously published on http://sunsolve.sun.com.
Latest version of this security advisory is available from http://support.oracle.com as Sun Alert 1019072.1.
Article ID : 1019072.1
Article Type : Sun Alerts (SURE)
Last reviewed : 2010-01-24
Audience : PUBLIC
Copyright Notice: Copyright © 2010, Oracle Corporation and/or its affiliates.

Security Sun Alert Archive Reference for Year 2000



Category
Security

Release Phase
Resolved

1 of 3 -- Security Sun Alert Archive Reference for Year 2000
If you need additional information for any of the following
Sun Alerts, please contact the Sun Alert Program Office at:
	sunalert_pmo@sun.com
These Sun Alerts are only available upon request. They are not part
of the current collection which begins with January 1, 2003.
=========================================================================================
1)
sadmind May Be Exploited to Gain Root Access
Sun Alert ID: 100740 (formerly 22893)
# BugIDs: 4298053
Product: Solaris 2.5 to 8
Remote attackers may exploit this vulnerability in the "sadmind" program to execute arbitrary instructions with superuser privileges, thereby compromising system security.
=========================================================================================
2)
dlopen() in libprint.so.2 Could be Exploited to Gain Root Access
Sun Alert ID: 100744 (formerly 23056)
# BugIDs: 4334568
Product: Solaris 2.6 to 8
Users with an unprivileged account may be able to get full root access to the system.
=========================================================================================
3)
Buffer Overflow in netpr_send_message() Might Lead to Unauthorized Root Access
Sun Alert ID: 100755 (formerly 23567)
# BugIDs: 4310991
Product: Solaris 2.6 to 8
Unprivileged users are able to get full root access to a system.
=========================================================================================
4)
Netscape Browser Allows Malicious Applets to Read Data From Local Files
Sun Alert ID: 100766 (formerly 23665)
# BugIDs: CERT advisory CA-2000-15
Product: Netscape Browser
An exploit dubbed "Brown Orifice" creates an HTTP server as a Java applet, thus turning the Netscape Browser into a web server. This allows remote users to access local and networked files. These files include URLs located behind firewalls using "file://", "http://", "https://", "ftp://", and other types of connections.
The Netscape Browser is a component of both Netscape Communicator and Netscape Navigator.
For more information on the vulnerability see CERT advisory CA-2000-15 at: http://www.cert.org/advisories/CA-2000-15.html
=========================================================================================
5)
Possible Security Issue in nscd because of Buffer Overflows
Sun Alert ID: 100719 (formerly 123)
# BugIDs: 4114757
Product: Solaris 2.5, 2.6
Unprivileged users may be able to get full root access to the system because of a possible buffer overflow in the nscd process.
=========================================================================================
6)
Non-Privileged Users Can Obtain Root Access on Systems Running Sun HPC 2.0 or Sun HPC Clustertools 3.0/3.1
Sun Alert ID: 100775 (formerly 23934)
# BugIDs: 4345873
Product: Sun HPC Clustertools 3.1
Non-privileged users can obtain root access on systems running Sun HPC 2.0, Sun HPC Clustertools 3.0, or Sun HPC Clustertools 3.1.
=========================================================================================
7)
Users can Bypass Being Forced to Change Their Login Password
Sun Alert ID: 100773 (formerly 23895)
# BugIDs: 4112707
Product: Solaris 2.5.1 to 8
Even though a login password has been created with the "passwd -f" command to force a user to change the password on the first login, users can circumvent this requirement and use the initially set password indefinitely.
=========================================================================================
8)
Potential Compromise of 2 Sun Browser Certificates
Sun Alert ID: 100796 (formerly 24690)
# BugIDs: none
Product: Web browsers
Web browsers accept security certificates from trusted sources. A specific certificate from Sun may have received outside exposure.
Systems that encounter this certificate are potentially vulnerable to attack from malicious applets, applications or components.
=========================================================================================
9)
The Java Runtime Environment Might Allow an Untrusted Java Class to Call Into a Disallowed Java Class
Sun Alert ID: 100788 (formerly 24493)
# BugIDs: 4288452
Product: JDK/JRE 1.2.2
Under certain circumstances, the Java(TM) Runtime Environment might allow an untrusted Java class to call into an otherwise disallowed Java class. This is a potential security issue.
============ End of 2000 ======================================================

Product
Solaris 8 Operating System

