Sun Solaris ypserv Lets Remote Users Deny Service
|
|
SecurityTracker Alert ID: 1016494
|
|
SecurityTracker URL: http://securitytracker.com/id?1016494
|
|
CVE Reference: CVE-2006-3664
(Links to External Site)
|
Updated: Jul 18 2008
|
Original Entry Date: Jul 13 2006
|
Impact: Denial of service via network
|
Fix Available: Yes
Vendor Confirmed: Yes
|
Advisory: Sun Alert
|
Description: A vulnerability was reported in ypserv. A remote user can cause denial of service conditions.
A remote user can send specially crafted yp data to prevent the target ypserv(1M) NIS server process from responding to NIS name
service requests. Clients bound to the target NIS server may hang or experience slow performance. Other users may not be able
to log in on affected NIS clients.
|
Impact: A remote user can cause connected NIS clients to hang or experience slow performance and prevent other users logging in.
|
Solution: Sun has issued the following fixes.
SPARC Platform
* Solaris 8 with patch 109328-06 or later
* Solaris 9 with patch
113579-09 or later
* Solaris 10 with patch 123186-01 or later
x86 Platform
* Solaris 8 with patch 109329-06 or later
* Solaris 9 with patch 114342-09 or later
* Solaris 10 with patch 122078-02 or later
The Sun advisory is available at:
http://sunsolve.sun.com/search/docume
nt.do?assetkey=1-26-102462-1
|
Vendor URL: sunsolve.sun.com/search/document.do?assetkey=1-26-102462-1 (Links to External Site)
|
Cause: Not specified
|
Underlying OS: UNIX (Solaris - SunOS)
|
Underlying OS Comments: 8, 9, 10
|
|
Message History:
None.
|
Source Message Contents
|
Date: Thu, 13 Jul 2006 16:38:48 -0400
Subject: Security Vulnerability With NIS server ypserv(1M) May Allow a Denial of Service (DoS) to Occur
|
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102462-1
|
|
