In association with heise online

31 January 2007, 15:05

One false ping and Solaris is in a panic

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

According to vendor Sun, receiving a single ping packet can be enough to provoke a kernel panic in Solaris 10 systems. The vendor does not disclose the conditions required for this to occur, but in its alert notification, Sun suggests testing whether a system responds to ICMP echo requests using a normal ping command - there must therefore be other conditions which need to be fulfilled in order to trigger the error.

Sparc and x86 systems are affected and an update is available to fix the problem. Alternatively, administrators can filter out ICMP packets using ipfilter. Solaris 8 and 9 are not vulnerable.

The recently published vulnerability in Cisco's IOS also shows of just what a ping packet is capable. According to Cisco it was even possible to inject code onto and execute code on a router using prepared packets.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit