Vigil@nce: Solaris, denial of service via UDP and TE
July 2009 by Vigil@nce
When Solaris Trusted Extensions are enabled and when some patches are installed, an attacker can use UDP packets to stop the system.
Severity: 1/4
Consequences: denial of service of computer
Provenance: internet client
Means of attack: no proof of concept, no attack
Ability of attacker: expert (4/4)
Confidence: confirmed by the editor (5/5)
Diffusion of the vulnerable configuration: medium (2/3)
Creation date: 02/07/2009
IMPACTED PRODUCTS
OpenSolaris
Sun Solaris
DESCRIPTION OF THE VULNERABILITY
Trusted Extensions can be enabled on Solaris, for example to provide fine-grained access control to resources.
A regression error was announced when Trusted Extensions are enabled:
 - under Solaris 10 with patches 138888-03 or 139555-08
 - under OpenSolaris with builds snv_90 to snv_108
In this case, the system refuses to start, or can be stopped in the crgetlabel() function when UDP packets are sent. Technical details are unknown.
When Solaris Trusted Extensions are enabled and when some patches are installed, an attacker can therefore use UDP packets to stop the system.
CHARACTERISTICS
Identifiers: 262048, 6749743, BID-35545, VIGILANCE-VUL-8835
http://vigilance.fr/vulnerability/Solaris-denial-of-service-via-UDP-and-TE-8835






