|
|
8 Oct 2007
#18766
|
Privacy and the CIO: Part of the Territory?
Sun's Chief Privacy Officer Michelle Dennedy Has Some Answers
Michelle Dennedy, chief privacy officer at Sun, says the biggest challenge of her job is keeping on top of Sun's systems and the information they contain on both employees and customers. She shared a bit of insight on her position at Sun with InformationWeek's John Soat.
|
|
8 Oct 2007
#18781
|
X Font Server Vulnerabilities Detected in Solaris OS
Disable XFS Until Patch Released
Versions of the Solaris Operating System (Solaris OS) are susceptible to X font server vulnerabilities by default, explains Alan Coopersmith, a member of the X Window System engineering team at Sun. Solaris 10 6/06 OS and older run xfs by default from inetd listening to the network, while the Solaris 10 11/06 OS and later ask for direction. Solaris Nevada/Express closes network services by default.
|
|
8 Oct 2007
#18694
|
Mutiple Security Fixes Issued for the Java SE Platform
Two New Security Response Features to be Added to Platform
Multiple security vulnerabilities in the Java Platform, Standard Edition (Java SE) have been patched within the last couple of weeks, and Sun plans on strengthening the platform even more with two new security response features: synchronized security fixes for all supported operating systems and advance notification of security updates.
|
|
8 Oct 2007
#18748
|
Sun Java System Identity Manager 7.0 Streamlines Administration, Auditing Tasks
Solution Garners Information Security's 'Hot Picks' Award
The Sun Java System Identity Manager 7.0 is a useful tool to help users "Prevent costly security breaches and regulatory violations with Sun's award winning identity management solution," as Chip Brookshaw writes in his report. He contends that, in addition, the solution streamlines provisioning tasks by offering flexible and unique management tools and auditing capabilities.
|
|
8 Oct 2007
#18735
|
Embedded Lights Out Manager Vulnerable to Unauthorized Access
ELOM in Sun Fire X2100 M2 and X2200 M2 Susceptible
A workaround has been issued to ensure remote unprivileged users cannot access the Embedded Lights Out Manager (ELOM) for the Sun Fire X2100 M2 and Sun Fire X2200 M2 servers. A vulnerability in the ELOM software could allow users to initiate unauthorized network traffic from the embedded service processor (SP), which could serve as a proxy to send unsolicited bulk e-mail (spam). This issue has also been resolved in SP/BMC firmware version 3.09.
|
|
8 Oct 2007
#18746
|
Two Vulnerabilities in Solaris 8, 9 and 10 OS Fixed
One in Solaris Named Pipes (pipe(2)); Other with Thread Contexts in Solaris Kernel
Two vulnerabilities affecting the Solaris 8, 9 and 10 Operating Systems (Solaris OS) have been fixed. The first is a vulnerability in the Solaris Named Pipes (pipe(2)) that could allow access to unauthorized memory locations, while the second involves the handling of thread contexts in the Solaris kernel that could result in a denial of service (DoS).
|
|
