Sun Solaris NFS RPC Local Denial of Service Vulnerability

Bugtraq ID:	30853
Class:	Access Validation Error
CVE:	CVE-2008-3838
Remote:	No
Local:	Yes
Published:	Aug 26 2008 12:00AM
Updated:	May 07 2015 05:24PM
Credit:	Hewitt Associates
Vulnerable:	Sun Solaris 10_x86 Sun Solaris 10_sparc Sun OpenSolaris build snv_87 Sun OpenSolaris build snv_85 Sun OpenSolaris build snv_68 Sun OpenSolaris build snv_67 Sun OpenSolaris build snv_64 Sun OpenSolaris build snv_59 Sun OpenSolaris build snv_39 Sun OpenSolaris build snv_36 Sun OpenSolaris build snv_22 Sun OpenSolaris build snv_19 Sun OpenSolaris build snv_13 Sun OpenSolaris build snv_02 Sun OpenSolaris build snv_01 Sun OpenSolaris 0
Not Vulnerable:	Sun OpenSolaris build snv_88

Sun Solaris NFS RPC Local Denial of Service Vulnerability

Sun Solaris is prone to a local denial-of-service vulnerability.

A local privileged attacker can exploit this issue to intercept and corrupt traffic destined for other nonglobal zones on the system.

Sun Solaris NFS RPC Local Denial of Service Vulnerability

Currently we are not aware of any working exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

Sun Solaris NFS RPC Local Denial of Service Vulnerability

Solution:
Sun has released patches and an advisory. Please see the references for more information.

Sun Solaris NFS RPC Local Denial of Service Vulnerability

References:

• Sun Homepage (Sun Microsystems )
  
• Solution 240866 : Security Vulnerability in Solaris 10 NFS Remote Procedure C (Sun)