vulnerability bulletin CVE-2009-2489 CVE-2009-2490 CVE-2009-2491
Sun Ray Server: access to a session

Synthesis of the vulnerability
Several vulnerabilities in Sun Ray Server can be used by a local attacker to access the sessions of other users.
Severity: 2/4.
Consequences: user access/rights, denial of service.
Provenance: user shell.
Means of attack: no proof of concept, no attack.
Ability of attacker: expert (4/4).
Confidence: confirmed by the editor (5/5).
Diffusion of the vulnerable configuration: high (3/3).
Number of vulnerabilities in this bulletin: 3.
Creation date: 16/07/2009.

Impacted products

Description of the vulnerability
The Sun Ray Server (SRSS) product provides thin clients with a Solaris, Linux or Windows environment. When a user leaves a thin client, his session is saved on SRSS, and is then reimported when he connects again on a thin client.

The utdmsession program informs the Device Manager when a session is created or destroyed. A local attacker can use utdmsession to access the sessions of other users. [severity:2/4; 252226, 6740687, BID-35711, CVE-2009-2489]

The utaudiod daemon manages the Audio Service. When Trusted Extensions are enabled, a local attacker can cause a denial of service in utaudiod. [severity:1/4; 253889, 6672502, BID-35713, CVE-2009-2490]

The utaudiod daemon manages the Audio Service. When Trusted Extensions are enabled, a local attacker can use utaudiod to access the session of another user. [severity:2/4; 253889, 6672502, BID-35713, CVE-2009-2491]

A local attacker can therefore obtain the privileges of another user.

Characteristics
Title: Sun Ray Server: access to a session
Identifiers: 252226, 253889, 6672502, 6740687, BID-35711, BID-35713, CVE-2009-2489, CVE-2009-2490, CVE-2009-2491, VIGILANCE-VUL-8868.
Url: https://vigilance.fr/tree/1/8868

Solutions for this vulnerability
Patch or workaround

Supplements

Vulnerability : 252226 utdmsession
The utdmsession program informs the Device Manager when a session is created or destroyed. A local attacker can use utdmsession to access the sessions of other users.
Severity: 2/4.
Identifiers: 252226, 6740687, BID-35711, CVE-2009-2489.
Publications and announcements
Source example: A Security Vulnerability in Sun Ray Server Software may Allow Unauthorized Manipulation of Sessions

Vulnerability : 253889 utaudiod 1
The utaudiod daemon manages the Audio Service. When Trusted Extensions are enabled, a local attacker can cause a denial of service in utaudiod.
Severity: 1/4.
Identifiers: 253889, 6672502, BID-35713, CVE-2009-2490.
Publications and announcements
Source example: Two Security Vulnerabilities in Sun Ray Server Software 4.0 on Systems with Trusted Extensions Enabled May Allow either a Denial of Service (DoS) of the Audio Service or Unauthorized Access to Other Users' Sessions

Vulnerability : 253889 utaudiod 2
The utaudiod daemon manages the Audio Service. When Trusted Extensions are enabled, a local attacker can use utaudiod to access the session of another user.
Severity: 2/4.
Identifiers: 253889, 6672502, BID-35713, CVE-2009-2491.
Publications and announcements
Source example: Two Security Vulnerabilities in Sun Ray Server Software 4.0 on Systems with Trusted Extensions Enabled May Allow either a Denial of Service (DoS) of the Audio Service or Unauthorized Access to Other Users' Sessions

France Télécom Copyright 1999-2010 Vigil@nce. Vigil@nce is a service from Orange Business Services. Site map. Legal notice. Version française