Vulnerability Bulletins |
Autenticación y autorización incompleta en Sun Grid Engine y N1 Grid Engine en modo Certificate Security Protocol (CSP) |
|
Vulnerability classification |
|
Property | Value |
Confidence level | Oficial |
Impact | Aumento de privilegios |
Dificulty | Experto |
Required attacker level | Acceso remoto con cuenta |
System information |
|
Property | Value |
Affected manufacturer | Comercial Software |
Affected software |
Sun N1 Grid Engine 6.0 Sun Grid Engine 5.3 |
Description |
|
Se ha descubierto una vulnerabilidad en Sun Grid Engine 5.3 y Sun N1 Grid Engine 6.0. La vulnerabilidad reside en un error no especificado relacionado con la autenticación y la autorización en el modo Certificate Security Protocol (CSP). Un atacante local podría apagar el servicio grid o acceder a este aunque se le hubiera denegado el acceso. |
|
Solution |
|
Actualización de software Sun Solaris SPARC / N1 Grid Engine 6.0 (32-bit Solaris) / patch 123037-01 Solaris SPARC / N1 Grid Engine 6.0 (64-bit Solaris) / patch 123038-01 Solaris SPARC / N1 Grid Engine 6.0 (32-bit Solaris) NON-Solaris Package format / patch 123041-01 Solaris SPARC / N1 Grid Engine 6.0 (64-bit Solaris) NON-Solaris Package format / patch 123042-01 Solaris x86 / N1 Grid Engine 6.0 / patch 123039-01 Solaris x86 / N1 Grid Engine 6.0 / NON-Solaris Package format / patch 123043-01 Solaris x86 / N1 Grid Engine 6.0 (x64) / patch 123040-01 Solaris x86 / N1 Grid Engine 6.0 (x64) NON-Solaris Package format / patch 123044-01 Linux / N1 Grid Engine 6.0 / patch 123045-01 Linux / N1 Grid Engine 6.0 (x64) / patch 123046-01 Windows / N1 Grid Engine 6.0 / patch 123052-01 HP-UX / N1 Grid Engine 6.0 / patch 123050-01 AIX 4.3 / N1 Grid Engine 6.0 / patch 123047-01 AIX 5.1 / N1 Grid Engine 6.0 / patch 123048-01 MAC OS / N1 Grid Engine 6.0 / patch 123049-01 IRIX 6.5 / N1 Grid Engine 6.0 / patch 123051-01 http://sunsolve.sun.com/pub-cgi/show.pl?target=patchpage Nota: Los usuarios de Sun Grid Engine 5.3 necesitan actualizar a N1 Grid Engine 6.0 con los parches adecuados. |
|
Standar resources |
|
Property | Value |
CVE | |
BID | |
Other resources |
|
Sun Alert Notification (102321) http://sunsolve.sun.com/search/document.do?assetkey=1-26-102321-1 |
Version history |
||
Version | Comments | Date |
1.0 | Aviso emitido | 2006-06-08 |