Sun Solaris 'in.named' Can Be Crashed By Remote Users
|
|
SecurityTracker Alert ID: 1011169 |
|
SecurityTracker URL: http://securitytracker.com/id/1011169
|
|
CVE Reference:
GENERIC-MAP-NOMATCH
(Links to External Site)
|
Date: Sep 6 2004
|
Impact:
Denial of service via network
|
Fix Available: Yes Vendor Confirmed: Yes
|
|
Description:
A vulnerability was reported in the Sun Solaris in the name server daemon. A remote user can cause denial of service conditions.
Sun reported that a remote "privileged" user can send a dynamic DNS update to the target system to cause the in.named(1M) daemon to crash.
Solaris 8 is affected. Solaris 7 and Solaris 9 are not affected.
No further details were provided.
|
Impact:
A remote user can cause the name service daemon to crash.
|
Solution:
Sun has issued the following fixes:
SPARC Platform
* Solaris 8 with patch 109326-16 or later
x86 Platform
* Solaris 8 with patch 109327-16 or later
|
Vendor URL: sunsolve.sun.com/search/document.do?assetkey=1-26-57614-1 (Links to External Site)
|
Cause:
Not specified
|
Underlying OS:
|
|
Message History:
None.
|
Source Message Contents
|
Date: Mon, 6 Sep 2004 16:32:56 -0400
Subject: http://sunsolve.sun.com/search/document.do?assetkey=1-26-57614-1
|
Document ID: 57614
Title: Document ID 57614
Synopsis: The in.named(1M) Process May Die Upon Receiving Dynamic Updates
Update Date: 2004-09-03
Sun reported that a remote "privileged" user can kill the in.named(1M) daemon.
Solaris 8 is affected. Solaris 7 and Solaris 9 are not affected.
Sun has issued the following fixes:
SPARC Platform
* Solaris 8 with patch 109326-16 or later
x86 Platform
* Solaris 8 with patch 109327-16 or later
-----
* Sun Alert ID: 57614
* Synopsis: The in.named(1M) Process May Die Upon Receiving Dynamic Updates
* Category: Security
* Product: Solaris
* BugIDs: 4879822
* Avoidance: Workaround, Patch
* State: Resolved
* Date Released: 03-Sep-2004
* Date Closed: 03-Sep-2004
* Date Modified:
|
|
