Nortel Response to Sun Alert 240101 - Vulnerability in Solaris snoop(1M) when Displaying SMB Traffic
| Description: |
Sun Microsystems has recently issued Sun Alert 240101 - Vulnerability in Solaris snoop(1M) when Displaying SMB Traffic. Some Nortel products contain this software as a component and thus are potentially affected by the vulnerabilities addressed. This bulletin provides a multi-product consolidated response for the Nortel products which are potentially affected. Sun Alert 240101 (http://sunsolve.sun.com/search/document.do?assetkey=1-66-240101-1) This bulletin addresses the following CVEs: 1. CVE-2008-0964 at http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0964 Multiple stack-based buffer overflows in snoop on Sun Solaris 8 through 10 and OpenSolaris before snv_96, when the -o option is omitted, allow remote attackers to execute arbitrary code via a crafted SMB packet. 2. CVE-2008-0965 at http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0965 Multiple format string vulnerabilities in snoop on Sun Solaris 8 through 10 and OpenSolaris before snv_96, when the -o option is omitted, allow remote attackers to execute arbitrary code via format string specifiers in an SMB packet. Before taking any action please ensure that you are viewing the latest official version of this security advisory by referencing http://www.nortel.com/securityadvisories |
| Type: |
Security Advisories |
| Number: |
2008009062, Rev 1 |
| Status: |
Retired |
| Date: |
2009-03-08 |
