Solaris BSM Auditing Lets Local Users Crash the System
SecurityTracker Alert ID: 1017992
SecurityTracker URL: http://securitytracker.com/id/1017992
CVE Reference: CVE-2007-2465
Updated: May 13 2008
Original Entry Date: May 2 2007
Impact: Denial of service via local system
Fix Available: Yes
Vendor Confirmed: Yes
Version(s): 9
Description:
A vulnerability was reported in Solaris when Solaris Auditing (BSM) is enabled. A local user can cause denial of service conditions.
The fchownat() function and other extended attribute calls may generate incomplete audit records. If Solaris Auditing is enabled and certain audit classes are being audited, a local user can trigger a kernel panic.
Solaris 9 is affected. Solaris 8 and Solaris 10 are not affected.
Impact:
A local user can cause the target system to crash.
Solution:
Sun has issued the following fixes.
SPARC Platform
* Solaris 9 with patch 122300-06 or later
x86 Platform
* Solaris 9 with patch 122301-06 or later
The Sun advisory is available at:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102900-1
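The patch levels above can be checked against the output of `showrev -p`. The following is an added example, not part of the Sun or SecurityTracker advisory; the function name `bsm_fix_installed` is hypothetical, and treating a patch that obsoletes revision -06 or later as carrying the fix is an assumption.

```shell
#!/bin/sh
# Added example: decide from `showrev -p` output whether a Solaris 9 host
# has the fixed patch level (122300-06 on SPARC, 122301-06 on x86).
# On the host: showrev -p | bsm_fix_installed "$(uname -p)"
# Set AWK=nawk on Solaris 9; its /usr/bin/awk lacks -v and functions.

# bsm_fix_installed ARCH   (ARCH is "sparc" or "i386", as uname -p prints)
# Reads showrev -p lines on stdin.
# Returns 0 if the fix is present, 1 if not, 2 if ARCH is not recognised.
bsm_fix_installed() {
    case "$1" in
        sparc) base=122300 ;;
        i386)  base=122301 ;;
        *)     return 2 ;;
    esac
    min_rev=6
    ${AWK:-awk} -v base="$base" -v min="$min_rev" '
        /^Patch:/ {
            check($2)                      # the installed patch itself
            in_obs = 0
            for (i = 3; i <= NF; i++) {
                if ($i == "Obsoletes:") { in_obs = 1; continue }
                if ($i ~ /:$/)          { in_obs = 0; continue }
                # Assumption: a patch obsoleting base-06 or later has the fix.
                if (in_obs) check($i)
            }
        }
        function check(id,   parts) {
            sub(/,$/, "", id)              # list entries end with a comma
            if (split(id, parts, "-") == 2 &&
                parts[1] == base && parts[2] + 0 >= min)
                found = 1
        }
        END { exit(found ? 0 : 1) }
    '
}
```

A return value of 1 on a Solaris 9 host with Solaris Auditing enabled means the host is still at a patch level affected by this issue.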
Vendor URL: sunsolve.sun.com/search/document.do?assetkey=1-26-102900-1
Cause:
State error
Underlying OS:
Message History:
None.
Source Message Contents
Date: Tue, 1 May 2007 23:07:38 -0400
Subject: Solaris 9 Systems With Solaris Auditing (BSM) Enabled may Panic if Certain Audit Classes are Being Audited
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102900-1