Nortel: Technical Support: Nortel response to Sun Alerts 256788 and 262668 on Solaris 10 Potential Vulnerabilities

You are currently browsing our site with javascriptdisabled. Some features may be unavailable. Learn more about viewing our site.

Welcome, Guest

Help Using This Site

Nortel response to Sun Alerts 256788 and 262668 on Solaris 10 Potential Vulnerabilities

Description:	Sun Microsystems has recently released the following 2 Sun Alerts: 1. Sun Alert 256788 - Multiple Security Vulnerabilities in Adobe Reader for Solaris 10 http://sunsolve.sun.com/search/document.do?assetkey=1-66-256788-1 - Within Solaris 10, Multiple security vulnerabilities in Adobe Reader 9.0 and earlier may allow remote unprivileged users to execute arbitrary code or crash the Adobe Reader application, thereby causing a Denial of Service (DoS) condition. These vulnerabilities may be exploited via specially crafted PDF files.This is in response to Adobe Security Bulletin APSB09-04. 2. Sun Alert 262668 - Security Vulnerability in the Solaris Network File System Version 4 (NFSv4) http://sunsolve.sun.com/search/document.do?assetkey=1-66-262668-1 - A security vulnerability in the Solaris NFSv4 Server Kernel Module 'nfs_portmon' tunable may allow certain remote unprivileged users to gain unauthorized network access to share resources, thereby allowing those users to access (read and write) arbitrary files. Some Nortel products contain this software as a component and thus are potentially affected by the vulnerabilities addressed. This bulletin provides a multi-product consolidated response for the Nortel products which are potentially affected. This bulletin addresses the following CVEs: 1) The following CVEs are associated with the Adobe Reader vulnerabilities: CVE-2009-0658 at http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0658 CVE-2009-0193 at http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0193 CVE-2009-0927 at http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0927 CVE-2009-0928 at http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0928 CVE-2009-1061 at http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1061 CVE-2009-1062 at http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1062 2) The following CVE is associated with the NFSv4 vulnerability - CVE-2009-2296 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2296)
Type:	Security Advisories
Number:	2009009637, Rev 1
Status:	Active
Date:	2009-07-30

Show Associated Products

Bulletin Downloads

		Title	Extension	File Size	Language
		Nortel response to Sun Alerts 256788 and 262668 on Solaris 10 Potential Vulnerabilities Checksum: 00734952f876326b23e06ea70ef2451a [MD5]	[pdf]	21420 bytes	English

Associated Products

Media Processing Server (MPS) 1000

Periphonics Common Channel Signaling Server (CCSS)

Periphonics PeriToolsWorkstation

Periphonics Speech Platform

Self-Service Portfolio

Speech and Self-Service