SynopsisThe remote Solaris system is missing a security patch from CPU apr2019.
DescriptionThis Solaris system is missing necessary patches to address a critical security update :
- Vulnerability in the Oracle Solaris component of Oracle Sun Systems Products Suite (subcomponent: File Locking Services). The supported version that is affected is 11.
Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris.
Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Solaris. (CVE-2019-2577)
SolutionInstall the apr2019 CPU from the Oracle support website.