PT-2009-4898 · Oracle · Solaris+2

Published

2009-07-16

Updated

2017-08-17

CVE-2009-2491

CVSS v2.0

4.4

Medium

Vector

AV:L/AC:M/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Sun Ray Server Software (SRSS) version 4.0

Description The issue in the utaudiod daemon allows local users to access the sessions of arbitrary users when Solaris Trusted Extensions is enabled. This is related to resource leaks, although the specific vectors are not detailed.

Recommendations For Sun Ray Server Software (SRSS) version 4.0, consider disabling the utaudiod daemon when Solaris Trusted Extensions is enabled as a temporary workaround to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2009-2491

Affected Products

Solaris

Sun Ray Server

Utaudiod

PT-2009-4898 · Oracle · Solaris+2

CVE-2009-2491

Related Identifiers

Affected Products

References · 6