CVE-2005-4133

Name of the Vulnerable Software and Affected Versions Sun Solaris 10

Description The issue in Sun Solaris 10 allows local users to obtain the proxy authentication password when the Sun Update Connection is configured to use a web proxy. This can be achieved via an unspecified vector and through proxy log files.

Recommendations For Sun Solaris 10, consider restricting access to proxy log files and reconfiguring the Sun Update Connection to not use a web proxy until a fix is available. As a temporary workaround, changing the proxy authentication password regularly can help minimize the risk of exploitation.