|
|
>> Sun Solaris NFS Kernel Module Local Denial of Service Vulnerability
|
Title : Sun Solaris NFS Kernel Module Local Denial of Service Vulnerability
VUPEN ID : VUPEN/ADV-2008-2425
CVE ID : CVE-2008-3839
CWE ID : CWE-400
Rated as : Low Risk 
Remotely Exploitable : No
Locally Exploitable : Yes
Release Date : 2008-08-25
|
A vulnerability has been identified in Sun Solaris and OpenSolaris, which could be exploited by local attackers to cause a denial of service. This issue is caused by an unspecified error in the NFS kernel module on systems with kernel patches 120011-14 (SPARC) and 120012-14 (x86), which could allow a local unprivileged user to cause an NFS server to panic, creating a denial of service condition.
Affected Products
Sun Solaris 10
Sun OpenSolaris builds snv_59 through snv_87
Solution
Sun Solaris 10 (SPARC) - Apply patch 138070-02 or later
Sun OpenSolaris (SPARC) - Upgrade to build snv_88 or later
Sun Solaris 10 (x86) - Apply patch 138071-02 or later
Sun OpenSolaris (x86) - Upgrade to build snv_88 or later
References
http://www.vupen.com/english/advisories/2008/2425
http://sunsolve.sun.com/search/document.do?assetkey=1-66-241066-1
Credits
Vulnerability reported by the vendor.
ChangeLog
2008-08-25 : Initial release
Vulnerability Management
Subscribe to VUPEN VNS and receive real-time alerts when new advisories or patches relevant to your systems and network configurations are available.
Feedback
If you have additional information or corrections for this security advisory please submit them via our contact form. | |
|
