« Sun Alert 262908... | Main | Sun Alert 103069... »
09 Sep 2009 Sun Alert 267088 Multiple Security Vulnerabilities in Solaris TCP (see tcp(7P)) Implementation May Lead to a Denial of Service (DoS) Condition
posted by chandan in Alerts
Product: Solaris 8 Operating System Solaris 9 Operating System Solaris 10 Operating System OpenSolaris

Multiple security vulnerabilities exist in the Solaris TCP (see tcp(7P)) implementation due to the lack of resource control mechanisms. These issues may allow a remote privileged user with real IP addresses or subnet to easily cause certain network services on the affected system to become unresponsive, which is a type of Denial of Service (DoS). The extent of the impact depends on the network application.

These issues are also referenced in the following documents:

CERT-FI Advisory on the Outpost24 TCP Issues [FICORA #193744] at https://www.cert.fi/haavoittuvuudet/2008/tcp-vulnerabilities.html

CVE CVE-2008-4609 at http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4609

Sun acknowledges with thanks, Jack C. Louis and Robert E. Lee of Outpost24, and CERT-FI for bringing these issues to our attention.

State: Workaround
First released: 09-Sep-2009
Sun Alert Link: http://sunsolve.sun.com/search/document.do?assetkey=1-66-267088-1
Permalink |
Comments:

Post a Comment:

Comments are closed for this entry.

« Sun Alert 262908... | Main | Sun Alert 103069... »

Sun Certified Security Administrator

Download Solaris
Patches and Updates
Download Solaris Security Toolkit

« December 2009
SunMonTueWedThuFriSat
  
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
  
       
Today


Company Info   |   Contact   |   Terms of Use   |   Privacy   |   Trademarks   |   Copyright 2008 Sun Microsystems, Inc.