Security Update Issues

Netscape Communicator Vulnerability

An exploit referred to as "Brown Orifice" creates an HTTP server as a Java applet, which has the effect of turning the Netscape browser into a web server. This allows remote users to access local and networked files. These files include URLs located behind firewalls using "file://", "http://", "https://", "ftp://", and other types of connections. There are no symptoms that would show the problem has occurred.

This is not an architectural problem with the Java security model.

Netscape Communicator versions 4.04 through 4.74 are affected. For more information on this vulnerability see CERT advisory CA-2000-15 at: http://www.cert.org/advisories/CA-2000-15.html

To correct this issue download and install Netscape Communicator version 4.75 from: http://www.sun.com/software/solaris/netscape