TITLE:
Sun Solaris LDAP2 Client Commands Security Issue

SECUNIA ADVISORY ID:
SA19638

VERIFY ADVISORY:
http://secunia.com/advisories/19638/

CRITICAL:
Less critical

IMPACT:
Exposure of sensitive information

WHERE:
Local system

OPERATING SYSTEM:
Sun Solaris 8
http://secunia.com/product/94/
Sun Solaris 9
http://secunia.com/product/95/

DESCRIPTION:
A security issue has been reported in Sun Solaris, which can be
exploited by malicious, local users to gain knowledge of sensitive
information.

The problem is that the Directory Server rootDN (Distinguished Name)
password may be disclosed to local users when a privileged users runs
the idsconfig command or certain LDAP commands (ldapadd, ldapdelete,
ldapmodify, ldapmodrdn, and ldapsearch).

SOLUTION:
Apply patches.

-- SPARC Platform --

Solaris 8:
Apply patch 108993-51 or later.

Solaris 9:
Apply patch 115677-02 or later and 121321-01 or later.

-- x86 Platform --

Solaris 8:
Apply patch 108994-51 or later.

Solaris 9:
Apply patch 115678-02 or later and 121322-01 or later.

PROVIDED AND/OR DISCOVERED BY:
The vendor credits Michael Gerdts.

ORIGINAL ADVISORY:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102113-1

----------------------------------------------------------------------

About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.

Subscribe:
http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/


Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.

----------------------------------------------------------------------