Oracle Solaris Third-Party Patch Update : stardict (cve_2009_2260_information_exposure)
Medium Nessus Plugin ID 80776
SynopsisThe remote Solaris system is missing a security patch for third-party software.
DescriptionThe remote Solaris system is missing necessary patches to address security updates :
- stardict 3.0.1, when Enable Net Dict is configured, sends the contents of the clipboard to a dictionary server, which allows remote attackers to obtain sensitive information by sniffing the network.
SolutionUpgrade to Solaris 11/11 SRU 12.4.