SecurityTracker.com
Category:  Application (File Transfer/Sharing)  >  Nfs
Vendors:  Sun
Solaris NFS Server Null Pointer Dereference Lets Remote Users Crash the File System
SecurityTracker Alert ID:  1008038
CVE Reference:  GENERIC-MAP-NOMATCH
Date:  Oct 29 2003
Impact:  Denial of service via network
Fix Available:  Yes
Vendor Confirmed:  Yes
Description:  A vulnerability was reported in the Solaris NFS Server. A remote user can cause the target file server to crash.

It is reported that a remote user can send certain invalid requests for a shared UFS file system on a target Solaris NFS Server to cause a UFS panic on the target server.

The report indicates that only specific forms of invalid requests can trigger the panic and that most malformed requests are properly detected and handled.

The flaw is reportedly due to a NULL pointer dereference.

Impact:  A remote user can cause the target file server to crash.
Solution:  Sun has issued the following fixes:

SPARC Platform

Solaris 7 with patch 106541-27 or later
Solaris 8 with patch 108528-24 or later
Solaris 9 with patch 113454-11 or later

x86 Platform

Solaris 7 with patch 106542-27 or later
Solaris 8 with patch 108529-24 or later
Solaris 9 with patch 114563-07 or later
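
To verify a host against the fix list above, the following added example (not part of the advisory and not Sun's tooling) compares `showrev -p` output with the listed patch revisions. The function names and the sample patch lines are constructed for illustration.

```shell
#!/bin/sh
# Added example, not Sun's or SecurityTracker's code. Patch IDs are from the
# advisory; the showrev lines in sample_showrev are constructed.

# Fixing patch for an OS release (uname -r) and processor (uname -p).
required_patch() {
    case "$1/$2" in
        5.7/sparc) echo 106541-27 ;;
        5.8/sparc) echo 108528-24 ;;
        5.9/sparc) echo 113454-11 ;;
        5.7/i386)  echo 106542-27 ;;
        5.8/i386)  echo 108529-24 ;;
        5.9/i386)  echo 114563-07 ;;
        *) return 1 ;;
    esac
}

# Read `showrev -p` output on stdin; print the highest installed revision
# (as a plain number) of patch base $1, or nothing if it is absent.
installed_rev() {
    awk -v base="$1" '$1 == "Patch:" {
            split($2, id, "-")
            if (id[1] == base && (!found || id[2] + 0 > max)) { max = id[2] + 0; found = 1 }
        }
        END { if (found) print max }'
}

# check_host RELEASE PROC < showrev output. Returns 0 only when patched.
check_host() {
    need=$(required_patch "$1" "$2") || { echo "release not listed in advisory"; return 2; }
    base=${need%-*}
    min=$(echo "$need" | awk -F- '{ print $2 + 0 }')   # 07 -> 7, avoids octal parsing
    have=$(installed_rev "$base")
    if [ -z "$have" ]; then
        echo "vulnerable: $base not installed, need $need"; return 1
    elif [ "$have" -lt "$min" ]; then
        echo "vulnerable: $base at revision $have, need $need"; return 1
    fi
    echo "patched: $base at revision $have"
}

sample_showrev() {   # constructed sample of `showrev -p` output
    echo "Patch: 108528-19 Obsoletes: 109153-01 Requires:  Incompatibles:  Packages: SUNWcsu, SUNWcsr"
    echo "Patch: 108528-22 Obsoletes: 109153-01 Requires:  Incompatibles:  Packages: SUNWcsu, SUNWcsr"
    echo "Patch: 110934-13 Obsoletes:  Requires:  Incompatibles:  Packages: SUNWcsu"
}

# On a real host: showrev -p | check_host "$(uname -r)" "$(uname -p)"
sample_showrev | check_host 5.8 sparc || :
```

A later patch that obsoletes one of these IDs under a different number is not recognized by this check.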

Vendor URL:  sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F57406
Cause:  Exception handling error
Underlying OS:  UNIX (Solaris - SunOS)
Underlying OS Comments:  7, 8, and 9

Message History:   None.


 Source Message Contents

Date:  Wed, 29 Oct 2003 14:00:36 -0500
Subject:  http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F57406

 

http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F57406

57406   NFS Server May Panic Upon Receipt of Certain Invalid Client Requests   27 Oct 2003

Sun warned that a remote user can send certain invalid requests for a shared UFS file
system to a target Solaris NFS Server to cause a UFS panic on the target server.

The report indicates that only specific forms of invalid requests can trigger the panic 
and that most malformed requests are properly detected and handled.

The flaw is reportedly due to a NULL pointer dereference.

Sun has issued the following fixes:

SPARC Platform

Solaris 7 with patch 106541-27 or later
Solaris 8 with patch 108528-24 or later
Solaris 9 with patch 113454-11 or later

x86 Platform

Solaris 7 with patch 106542-27 or later
Solaris 8 with patch 108529-24 or later
Solaris 9 with patch 114563-07 or later

-----

Sun Alert ID: 57406
Synopsis: NFS Server May Panic Upon Receipt of Certain Invalid Client Requests
Category: Security
Product: Solaris
BugIDs: 4854840
Avoidance: Patch
State: Resolved
Date Released: 27-Oct-2003
Date Closed: 27-Oct-2003
Date Modified:

Copyright 2002, SecurityGlobal.net LLC