The following security issues applies to the Solaris 10 release.
After the account management PAM module for LDAP (pam_ldap) is enabled, users must have passwords to log in to the system. Consequently, nonpassword-based logins fail, including those logins that use the following tools:
Remote shell (rsh)
Remote login (rlogin)
Secure shell (ssh)
Output files that are generated by encrypt() are processed by the corresponding decrypt(). The current release uses a new version of encrypt() and decrypt(). These commands process files whose format differs from files that earlier versions generated and processed. Data that is encrypted by using the earlier encrypt() can no longer be recognized correctly by the new decrypt().
Workaround: To convert old encrypted data so that the data can be processed by the new encrypt() and decrypt() version, perform the following steps:
Decrypt the existing data by using the earlier version of decrypt().
Re-encrypt the same data by using the new encrypt().
A Sun StorEdge T3 system might panic if an application uses the HTTP interface to send tokens with out-of-range parameters.