Sun Solaris vuidmice(7M) STREAMS Modules Local Denial of Service Vulnerability

Bugtraq ID:	25971
Class:	Unknown
CVE:	CVE-2007-5319
Remote:	No
Local:	Yes
Published:	Oct 08 2007 12:00AM
Updated:	May 07 2015 05:35PM
Credit:	The vendor disclosed this issue.
Vulnerable:	Sun Solaris 9_x86 Sun Solaris 8_x86 Sun Solaris 10_x86
Not Vulnerable:

Sun Solaris vuidmice(7M) STREAMS Modules Local Denial of Service Vulnerability

Sun Solaris is prone to a local denial-of-service vulnerability.

This issue stems from an unspecified error in the vuidmice(7M) STREAMS Modules. Local attackers may exploit this issue to cause the console to become unusable, denying service to legitimate users.

The following versions are affected:

Solaris 8 x86
Solaris 9 x86
Solaris 10 x86

Sun Solaris vuidmice(7M) STREAMS Modules Local Denial of Service Vulnerability

Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

Sun Solaris vuidmice(7M) STREAMS Modules Local Denial of Service Vulnerability

Solution:
Sun has released an advisory and fixes to address this issue. Please see the references for more information.


Sun Solaris 9_x86

• Sun Solaris 9 x86 patch 117419-03
  http://sunsolve.sun.com/search/document.do?assetkey=urn:cds:docid:1-21 -117419-03-1

Sun Solaris 8_x86

• Sun Solaris 8 x86 patch 114154-02
  http://sunsolve.sun.com/search/document.do?assetkey=urn:cds:docid:1-21 -114154-02-1

Sun Solaris vuidmice(7M) STREAMS Modules Local Denial of Service Vulnerability

References:

• Sun Solaris Home Page (Sun Microsystems)
  
• Sun Alert ID: 103065 Security Vulnerability in the vuidmice(7M) STREAMS Modules (Sun Microsystems)