TITLE: Sun Solaris Network Security Services (NSS) Security Tools Zlib Vulnerability SECUNIA ADVISORY ID: SA17236 VERIFY ADVISORY: http://secunia.com/advisories/17236/ CRITICAL: Moderately critical IMPACT: DoS, System access WHERE: >From remote OPERATING SYSTEM: Sun Solaris 10 http://secunia.com/product/4813/ Sun Solaris 9 http://secunia.com/product/95/ SOFTWARE: Sun Java Enterprise System 2004Q2 http://secunia.com/product/5885/ Sun Java Enterprise System 2003Q4 http://secunia.com/product/3930/ Sun Java Enterprise System 2005Q1 http://secunia.com/product/5886/ DESCRIPTION: Sun Microsystems has acknowledged a vulnerability in Solaris and Sun Java Enterprise System, which potentially can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a user's system. For more information: SA17225 The vulnerability has been reported in the following products: * Solaris 9 Operating System * Solaris 10 Operating System * Sun Java Enterprise System 2003Q4 * Sun Java Enterprise System 2004Q2 * Sun Java Enterprise System 2005Q1 SOLUTION: Apply patches: -- Sparc Platform -- Sun Java Enterprise System 2003Q4, 2004Q2 and 2005Q1 for Solaris 8: Apply patch 119209-05 or later. Sun Java Enterprise System 2003Q4, 2004Q2 and 2005Q1 for Solaris 9: Apply patch 119211-05 or later. Sun Java Enterprise System 2005Q1 for Solaris 10: Apply patch 119213-05 or later. Solaris 9: Apply patch 119211-05 or later. Solaris 10: Apply patch 119213-05 or later. -- x86 Platform -- Sun Java Enterprise System 2003Q4, 2004Q2 and 2005Q1 for Solaris 9: Apply patch 119212-05 or later. Sun Java Enterprise System 2005Q1 for Solaris 10: Apply patch 119214-05 or later. Solaris 9: Apply patch 119212-05 or later. Solaris 10: Apply patch 119214-05 or later. ORIGINAL ADVISORY: http://sunsolve.sun.com/search/document.do?assetkey=1-26-101989-1 OTHER REFERENCES: SA17225: http://secunia.com/advisories/17225/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------