
Vigil@nce : Solaris, denial of service of picld

August 2008 by Vigil@nce

SYNTHESIS

An attacker can send requests to the picld daemon that cause a
denial of service.

Gravity : 1/4

Consequences : denial of service of the service

Provenance : user shell

Means of attack : no proof of concept, no attack

Ability of attacker : expert (4/4)

Confidence : confirmed by the editor (5/5)

Diffusion of the vulnerable configuration : high (3/3)

Creation date : 31/07/2008

Identifier : VIGILANCE-VUL-7983

IMPACTED PRODUCTS

 OpenSolaris [confidential versions]
 Sun Solaris [confidential versions]
 Sun Trusted Solaris [confidential versions]

DESCRIPTION

PICL (Platform Information and Control Library) consists of a
"picld" daemon and a "libpicl" API. This service can be used to
obtain information about the computer.

The prtdiag, prtpicl and prtfru commands are compiled with libpicl.
When a user runs these commands, the libpicl API sends requests to
the daemon.

The prtdiag, prtpicl and prtfru commands lead to a call to a door
creation function (a door is a handle used to access a resource).
When the door_create function fails, for example because resources
are exhausted, the lock is not released. The daemon therefore keeps
holding this lock and blocks access for other threads.

An attacker can therefore send requests to the picld daemon that
cause a denial of service.
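
The lock handling described above, shown as an added example (not picld or libpicl source code): a failure path that returns while still holding a lock, next to a version that releases it on every path. The names stub_door_create, setup_door_leaky, setup_door_fixed and lock_free_after_failure are hypothetical, and the stub stands in for door_create so the example runs on any POSIX system.

```c
#include <pthread.h>

/* Hypothetical stand-in for door_create(3C): fails once the simulated
 * resource budget is used up (constructed for this example). */
static int resources_left;
static int stub_door_create(void) {
    if (resources_left <= 0) return -1;
    resources_left--;
    return 3;                    /* constructed descriptor value */
}

/* Flawed pattern from the description: the failure path returns
 * without releasing the lock. */
static int setup_door_leaky(pthread_mutex_t *lock) {
    pthread_mutex_lock(lock);
    int fd = stub_door_create();
    if (fd < 0)
        return -1;               /* lock is still held here */
    pthread_mutex_unlock(lock);
    return fd;
}

/* Corrected pattern: the lock is released on every path. */
static int setup_door_fixed(pthread_mutex_t *lock) {
    pthread_mutex_lock(lock);
    int fd = stub_door_create();
    pthread_mutex_unlock(lock);
    return fd;
}

/* 1 if a later request could take the lock, 0 if it would block. */
static int lock_is_available(pthread_mutex_t *lock) {
    if (pthread_mutex_trylock(lock) != 0) return 0;
    pthread_mutex_unlock(lock);
    return 1;
}

/* Forces one creation failure; returns 1 if the lock is free afterwards. */
int lock_free_after_failure(int use_fixed) {
    pthread_mutex_t lock;
    pthread_mutex_init(&lock, NULL);
    resources_left = 0;          /* simulate exhausted resources */
    int rc = use_fixed ? setup_door_fixed(&lock) : setup_door_leaky(&lock);
    int ok = lock_is_available(&lock);
    if (!ok) pthread_mutex_unlock(&lock);  /* demo cleanup before destroy */
    pthread_mutex_destroy(&lock);
    return rc == -1 && ok;
}

int main(void) { return lock_free_after_failure(1) ? 0 : 1; }
```

In code review, this defect class shows up as an early return or goto between a lock acquisition and its release; a single exit label that unlocks is the usual remedy.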

CHARACTERISTICS

Identifiers : 239728, 6547926, VIGILANCE-VUL-7983

https://vigilance.aql.fr/tree/1/7983

