Technical Description

A vulnerability has been identified in Sun OpenSolaris, which could allow local attackers to cause a denial of service. This issue is caused by an unspecified error within the "idmap" command, which may allow a local unprivileged user to kill the "idpmapd" daemon on a CIFS server and cause the "idmapd" SMF service to transition to the "maintenance" state, creating a denial of service condition.

Affected Products

Sun OpenSolaris builds snv_88 through snv_110

Solution

Upgrade to OpenSolaris build snv_111 or later

References

http://www.vupen.com/english/advisories/2009/1519
http://sunsolve.sun.com/search/document.do?assetkey=1-66-260508-1

Credits

Vulnerability reported by the vendor.

ChangeLog

2009-06-09 : Initial release

Vulnerability Management

Subscribe to VUPEN VNS and receive real-time alerts with CVE, CWE, and CVSS when new advisories or patches relevant to your systems and network configurations are available.

Feedback

If you have additional information or corrections for this security advisory please submit them via our contact form.