Sun Solaris Trusted Extensions Labeled Networking Security Bypass Vulnerability

Bugtraq ID:	30602
Class:	Unknown
CVE:
Remote:	Yes
Local:	No
Published:	Aug 07 2008 12:00AM
Updated:	Aug 08 2008 03:36PM
Credit:	Sun Microsystems
Vulnerable:	Sun Solaris 10_x86 Sun Solaris 10 Sun OpenSolaris build snv_67 Sun OpenSolaris build snv_39
Not Vulnerable:	Sun OpenSolaris build snv_68

Sun Solaris Trusted Extensions Labeled Networking Security Bypass Vulnerability

Sun Solaris is prone to a security-bypass vulnerability that affects the Trusted Extensions labeled networking.

Attackers can exploit this issue to bypass certain security restrictions and gain access to the administrative zone of the affected system.

This issue affects Solaris 10 and OpenSolaris platforms.

Sun Solaris Trusted Extensions Labeled Networking Security Bypass Vulnerability

Currently we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

Sun Solaris Trusted Extensions Labeled Networking Security Bypass Vulnerability

Solution:
The vendor has released fixes and an advisory. Please see the references for more information.

Sun Solaris Trusted Extensions Labeled Networking Security Bypass Vulnerability

References:

• Solaris Homepage (Sun Microsystems)
  
• Solution 240099 : Security Vulnerability in Solaris Trusted Extensions Labele (Sun)