Multiple vulnerabilities in the OpenSSL product impact the Solaris WAN boot software.
An RSA signature forgery vulnerability may allow an untrusted server or client to present a forged identity to the other party during remote software installation when SSL is in use with certain types of certificates. This would allow the security restrictions of that SSL configuration to be circumvented.
Additionally, security vulnerabilities in the ASN.1 parser implementation and public key handling in the OpenSSL library may allow a user who is running a client system that is able to connect to a WAN Boot installation server to cause a Denial Of Service (DoS) to that server. This could prevent the server from providing service to WAN Boot clients. Clients connecting to an untrusted server may also be impacted by this issue.
Note that the WAN Boot software uses a static version of the OpenSSL libraries, meaning that the Solaris 10 resolution for Sun Alert 102744, which corrects applications dynamically linking to the Solaris OpenSSL libraries, is not sufficient to resolve this issue for the WAN Boot software. This Sun Alert will describe the full impact and resolution for the WAN Boot software.
These issues are also described in the following documents:
CERT VU#845620 at http://www.kb.cert.org/vuls/id/845620
CVE-2006-4339 at http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339
CVE-2006-2937 at http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937
CVE-2006-2940 at http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940
Note: This Sun Alert is specific to the Solaris WAN Boot software. Multiple Sun products are affected by the RSA signature forgery issue; for more details please see Sun Alert 102648 at