Sun Solaris UDP Processing Local Denial Of Service Vulnerability
BID:12385
Info
Sun Solaris UDP Processing Local Denial Of Service Vulnerability
| Bugtraq ID: | 12385 |
| Class: | Failure to Handle Exceptional Conditions |
| CVE: | |
| Remote: | No |
| Local: | Yes |
| Published: | Jan 27 2005 12:00AM |
| Updated: | Jan 27 2005 12:00AM |
| Credit: | The individual or individuals responsible for the discovery of this issue are currently unknown; the vendor disclosed this issue. |
| Vulnerable: |
Sun Solaris 9_x86 Sun Solaris 9 Sun Solaris 8_x86 Sun Solaris 8_sparc Avaya CMS Server 12.0 Avaya CMS Server 11.0 Avaya CMS Server 9.0 |
| Not Vulnerable: | |
Discussion
Sun Solaris UDP Processing Local Denial Of Service Vulnerability
A local denial of service vulnerability reportedly affects the UDP endpoint handling of Sun Solaris. This issue is due to a failure of the application to handle excessive UDP endpoint activity.
An attacker may leverage this issue to cause the affected kernel to panic, triggering a system-wide denial of service condition.
A local denial of service vulnerability reportedly affects the UDP endpoint handling of Sun Solaris. This issue is due to a failure of the application to handle excessive UDP endpoint activity.
An attacker may leverage this issue to cause the affected kernel to panic, triggering a system-wide denial of service condition.
Exploit / POC
Sun Solaris UDP Processing Local Denial Of Service Vulnerability
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution / Fix
Sun Solaris UDP Processing Local Denial Of Service Vulnerability
Solution:
Sun has released Sun Alert ID: 57728 along with patches dealing with this issue. Please see the referenced advisory for more information. It should be noted that the patch for Solaris 9 on the x86 platform is still pending.
Avaya has released an advisory ASA-2005-033 to identify vulnerable versions of Avaya CMS. Upgrades are planned for the spring of 2005. Please see the referenced advisory for more information.
Sun Solaris 8_x86
Sun Solaris 8_sparc
Sun Solaris 9
Solution:
Sun has released Sun Alert ID: 57728 along with patches dealing with this issue. Please see the referenced advisory for more information. It should be noted that the patch for Solaris 9 on the x86 platform is still pending.
Avaya has released an advisory ASA-2005-033 to identify vulnerable versions of Avaya CMS. Upgrades are planned for the spring of 2005. Please see the referenced advisory for more information.
Sun Solaris 8_x86
Sun Solaris 8_sparc
Sun Solaris 9
References
Sun Solaris UDP Processing Local Denial Of Service Vulnerability
References:
References: