SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (File Transfer/Sharing)  >   Nfs Vendors:   Sun
Sun Solaris NFS Bug Lets Remote Users Deny Service to NFS Clients By Killing the 'lockd' Daemon
SecurityTracker Alert ID:  1005440
SecurityTracker URL:  http://securitytracker.com/id/1005440
CVE Reference:   GENERIC-MAP-NOMATCH   (Links to External Site)
Date:  Oct 17 2002
Impact:   Denial of service via local system, Denial of service via network
Fix Available:  Yes  Vendor Confirmed:  Yes  

Description:   A vulnerability was reported in Sun Solaris NFS. A user could deny service to NFS clients.

Sun issued an Alert Notification warning that a remote or local user may be able to deny service to NFS clients that require file locking by killing the lockd(1M) daemon. The method to kill lockd was not disclosed.

Impact:   A remote or local user can deny service to NFS clients that require file locking.
Solution:   Sun has issued the following fixes:

SPARC

* Solaris 2.6 with patch 105181-33
* Solaris 7 with both patch 106541-23 or later and patch 109744-02 or later
* Solaris 8 with both patch 109783-02 or later and patch 111321-03 or later
* Solaris 9 with both patch 113278-01 or later and patch 113279-01 or later

Intel

* Solaris 2.6 with patch 105182-33 or later
* Solaris 7 with both patch 106542-23 or later and patch 109745-02 or later
* Solaris 8 with both patch 109784-02 or later and patch 111322-03 or later

Sun is working on a final resolution for Solaris 2.5.1.

Vendor URL:  sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F47815 (Links to External Site)
Cause:   Not specified
Underlying OS:  UNIX (Solaris - SunOS)
Underlying OS Comments:  Solaris 2.5.1, 2.6, 7, 8, and 9

Message History:   None.


 Source Message Contents

Subject:  Sun Alert 47815 NFS denial of service


http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F47815

Sun issued an Alert Notification (47815) warning that a remote or local user may be able
to deny service to NFS clients that require file locking by killing the lockd(1M) daemon. 
The method to kill lockd was not disclosed.

The following releases are affected:

Solaris 2.5.1, 2.6, 7, 8, and 9


Sun has issued the following fixes:


SPARC

* Solaris 2.6 with patch 105181-33
* Solaris 7 with both patch 106541-23 or later and patch 109744-02 or later
* Solaris 8 with both patch 109783-02 or later and patch 111321-03 or later
* Solaris 9 with both patch 113278-01 or later and patch 113279-01 or later

Intel

* Solaris 2.6 with patch 105182-33 or later
* Solaris 7 with both patch 106542-23 or later and patch 109745-02 or later
* Solaris 8 with both patch 109784-02 or later and patch 111322-03 or later

Sun is working on a final resolution for Solaris 2.5.1.


    * Sun Alert ID: 47815
    * Synopsis: NFS Denial of Service can be Caused by a Client Application Killing the
lockd(1M) Daemon
    * Category: Security
    * Product: Solaris
    * BugIDs: 4492876
    * Avoidance: Patch
    * State: Committed
    * Date Released: 16-Oct-2002
    * Date Closed:
    * Date Modified:



 
 


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2021, SecurityGlobal.net LLC