Vulnerability Bulletins |
Acceso a información privilegiada en Sun Solaris |
|
Vulnerability classification |
|
Property | Value |
Confidence level | Oficial |
Impact | Aumento de privilegios |
Dificulty | Experto |
Required attacker level | Acceso remoto sin cuenta a un servicio estandar |
System information |
|
Property | Value |
Affected manufacturer | Comercial Software |
Affected software |
Solaris 8 Operating System Solaris 9 Operating System Solaris 10 Operating System OpenSolaris libpng < 1.2.37 |
Description |
|
Se han descubierto múltiples vulnerabilidades en Libpng en Sun Solaris. Un atacante remoto podría obtener acceso a información privilegiada de la memoria mediante una imagen PNG especialmente diseñada. |
|
Solution |
|
Actualización de software Sun (269788) OpenSolaris / upon builds snv_124 o posterior http://sunsolve.sun.com/pub-cgi/show.pl?target=patchpage Red Hat (RHSA-2010:0534-1) Red Hat Enterprise Linux Desktop Workstation (v. 5 cliente) Red Hat Desktop (v. 3) Red Hat Enterprise Linux (v. 5 servidor) Red Hat Enterprise Linux AS (v. 3) Red Hat Enterprise Linux AS (v. 4) Red Hat Enterprise Linux Desktop (v. 5 cliente) Red Hat Enterprise Linux Desktop (v. 4) Red Hat Enterprise Linux ES (v. 3) Red Hat Enterprise Linux ES (v. 4) Red Hat Enterprise Linux WS (v. 3) Red Hat Enterprise Linux WS (v. 4) https://rhn.redhat.com/ |
|
Standar resources |
|
Property | Value |
CVE | CVE-2009-2042 |
BID | 35233 |
Other resources |
|
Sun Alert Notification (269788) http://sunsolve.sun.com/search/document.do?assetkey=1-66-269788-1 Red Hat Security Advisory (RHSA-2010:0534-1) https://rhn.redhat.com/errata/RHSA-2010-0534.html |
Version history |
||
Version | Comments | Date |
1.0 | Aviso emitido | 2009-10-20 |
1.1 | Aviso emitido por Debian (DSA-2032-1) | 2010-04-23 |
1.2 | Aviso emitido por Red Hat (RHSA-2010:0534-1) | 2010-08-10 |