Sun Solaris IKED(1M) Denial of Service Vulnerability
BID:24209
Info
Sun Solaris IKED(1M) Denial of Service Vulnerability
| Bugtraq ID: | 24209 |
| Class: | Failure to Handle Exceptional Conditions |
| CVE: |
CVE-2007-2989 |
| Remote: | Yes |
| Local: | Yes |
| Published: | May 29 2007 12:00AM |
| Updated: | May 07 2015 05:37PM |
| Credit: | The vendor reported this issue. |
| Vulnerable: |
Sun Solaris 9_x86 Sun Solaris 9_sparc Avaya CMS Server 13.0 Avaya CMS Server 12.0 Avaya CMS Server 14.0 Avaya CMS Server 13.1 |
| Not Vulnerable: | |
Discussion
Sun Solaris IKED(1M) Denial of Service Vulnerability
The 'in.iked' service for Sun Solaris is prone to a denial-of-service vulnerability because the application fails to handle exceptional conditions.
An attacker can exploit this issue to crash the affected service, denying service to legitimate users.
The 'in.iked' service for Sun Solaris is prone to a denial-of-service vulnerability because the application fails to handle exceptional conditions.
An attacker can exploit this issue to crash the affected service, denying service to legitimate users.
Exploit / POC
Sun Solaris IKED(1M) Denial of Service Vulnerability
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution / Fix
Sun Solaris IKED(1M) Denial of Service Vulnerability
Solution:
The vendor released a patch to address this issue. Please see the references for more information.
Sun Solaris 9_x86
Solution:
The vendor released a patch to address this issue. Please see the references for more information.
Sun Solaris 9_x86
References
Sun Solaris IKED(1M) Denial of Service Vulnerability
References:
References:
- ASA-2007-227 - Security Vulnerability in the in.iked(1M) Service May Lead To a D (Avaya)
- Sun Solaris Homepage (Sun Microsystems)
- Sun Alert ID 102745: A Security Vulnerability in the in.iked(1M) Service May Lea (Sun Microsystems)