Category:   Application (File Transfer/Sharing)  >   Nfs
Vendors:   Sun
Solaris NFS Server Null Pointer Dereference Lets Remote Users Crash the File System
SecurityTracker Alert ID:  1008038
SecurityTracker URL:  http://securitytracker.com/id/1008038
CVE Reference:   GENERIC-MAP-NOMATCH
Date:  Oct 29 2003
Impact:   Denial of service via network
Fix Available:  Yes
Vendor Confirmed:  Yes

Description:   A vulnerability was reported in the Solaris NFS Server. A remote user can cause the target file server to crash.

It is reported that a remote user can send certain invalid requests for a shared UFS file system on a target Solaris NFS Server to cause a UFS panic on the target server.

The report indicates that only specific forms of invalid requests can trigger the panic and that most malformed requests are properly detected and handled.

The flaw is reportedly due to a NULL pointer dereference.

Impact:   A remote user can cause the target file server to crash.
Solution:   Sun has issued the following fixes:

SPARC Platform

Solaris 7 with patch 106541-27 or later
Solaris 8 with patch 108528-24 or later
Solaris 9 with patch 113454-11 or later

x86 Platform

Solaris 7 with patch 106542-27 or later
Solaris 8 with patch 108529-24 or later
Solaris 9 with patch 114563-07 or later

Vendor URL:  sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F57406
Cause:   Exception handling error
Underlying OS:  UNIX (Solaris - SunOS)
Underlying OS Comments:  7, 8, and 9

Message History:   None.
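
One way to check a host against the patch levels listed under Solution above. This is an added example, not code from Sun or SecurityTracker; the function names are hypothetical, the sample `showrev -p` output is constructed, and a POSIX shell is assumed (on Solaris, ksh or /usr/xpg4/bin/sh).

```shell
#!/bin/sh
# Added example: compare installed patch revisions with the advisory's minimums.

# Minimum fixed patch for a release (uname -r) and architecture (uname -p),
# taken from the Solution list in the advisory.
required_patch() {
    case "$1/$2" in
        5.7/sparc) echo 106541-27 ;;
        5.8/sparc) echo 108528-24 ;;
        5.9/sparc) echo 113454-11 ;;
        5.7/i386)  echo 106542-27 ;;
        5.8/i386)  echo 108529-24 ;;
        5.9/i386)  echo 114563-07 ;;
        *) return 1 ;;
    esac
}

# Reads `showrev -p` output on stdin; arguments are release and architecture.
# Prints PATCHED, VULNERABLE or UNKNOWN and returns 0, 1 or 2 respectively.
check_nfs_patch() {
    req=$(required_patch "$1" "$2") || { echo UNKNOWN; return 2; }
    base=${req%-*}; min=${req#*-}; min=${min#0}   # drop a leading zero
    best=0
    while read -r tag id rest; do
        [ "$tag" = "Patch:" ] || continue
        [ "${id%-*}" = "$base" ] || continue
        rev=${id#*-}; rev=${rev#0}
        case $rev in ''|*[!0-9]*) continue ;; esac  # skip malformed revisions
        if [ "$rev" -gt "$best" ]; then best=$rev; fi
    done
    if [ "$best" -ge "$min" ]; then echo PATCHED; return 0; fi
    echo VULNERABLE; return 1
}

# Constructed sample of `showrev -p` output for a Solaris 8 SPARC host.
sample_showrev() {
    cat <<'EOF'
Patch: 108528-22 Obsoletes:  Requires:  Incompatibles:  Packages: SUNWcsr, SUNWcsu
Patch: 109147-24 Obsoletes:  Requires:  Incompatibles:  Packages: SUNWcsu
EOF
}

# On a live host: showrev -p | check_nfs_patch "$(uname -r)" "$(uname -p)"
```

The check matches only the patch IDs on this page; if a different patch ID has since superseded one of them, review the Obsoletes field of `showrev -p` by hand.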


 Source Message Contents

Subject:  http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F57406


http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F57406

57406   NFS Server May Panic Upon Receipt of Certain Invalid Client Requests   27 Oct 2003

Sun warned that a remote user can send certain invalid requests for a shared UFS file 
system to a target Solaris NFS Server to cause a UFS panic on the target server.

The report indicates that only specific forms of invalid requests can trigger the panic 
and that most malformed requests are properly detected and handled.

The flaw is reportedly due to a NULL pointer dereference.

Sun has issued the following fixes:

SPARC Platform

Solaris 7 with patch 106541-27 or later
Solaris 8 with patch 108528-24 or later
Solaris 9 with patch 113454-11 or later

x86 Platform

Solaris 7 with patch 106542-27 or later
Solaris 8 with patch 108529-24 or later
Solaris 9 with patch 114563-07 or later

-----

Sun Alert ID: 57406
Synopsis: NFS Server May Panic Upon Receipt of Certain Invalid Client Requests
Category: Security
Product: Solaris
BugIDs: 4854840
Avoidance: Patch
State: Resolved
Date Released: 27-Oct-2003
Date Closed: 27-Oct-2003
Date Modified:


Copyright 2021, SecurityGlobal.net LLC