---------------------------------------------------------------------- Secunia CSI + Microsoft SCCM ----------------------- = Extensive Patch Management http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ ---------------------------------------------------------------------- TITLE: Sun Ray Server Software Device Services Unspecified Vulnerability SECUNIA ADVISORY ID: SA39432 VERIFY ADVISORY: http://secunia.com/advisories/39432/ DESCRIPTION: A vulnerability has been reported in Sun Ray Server Software, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to an unspecified error in the Device Services component. No further information is currently available. SOLUTION: Apply patches. -- SPARC Platform -- Sun Ray Server Software 4.2 (for Solaris 10): Apply patch 140993-01 or later. Sun Ray Server Software 4.1 (for Solaris 10): Apply patch 139548-04 or later. Sun Ray Server Software 4.0 (for Solaris 10): Apply patch 127553-08 or later. -- x86 Platform -- Sun Ray Server Software 4.2 (for Solaris 10): Apply patch 140994-01 or later. Sun Ray Server Software 4.1 (for Solaris 10): Apply patch 139549-04 or later. Sun Ray Server Software 4.0 (for Solaris 10): Apply patch 127554-08 or later. -- Linux -- Sun Ray Server Software 4.2 (for Solaris 10): Apply patch 140995-01 or later. Sun Ray Server Software 4.1 (for Solaris 10): Apply patch 139550-04 or later. Sun Ray Server Software 4.0 (for Solaris 10): Apply patch 127555-08 or later. PROVIDED AND/OR DISCOVERED BY: It is currently unclear who reported this vulnerability as the Oracle Critical Patch Update for April 2010 only provides a bundled list of credits. This section will be updated when/if the original reporter provides more information. ORIGINAL ADVISORY: http://sunsolve.sun.com/search/document.do?assetkey=1-66-274590-1 http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuapr2010.html ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------