In association with heise online

05 May 2008, 09:42

Possible Denial of Service against Solaris

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Sun has discovered vulnerabilities in Solaris 10 for the SPARC and x86 platforms that enable attackers to paralyse targetted systems. Patches are provided to rectify the problem.

The security advisory warns that local users or remote attackers can use crafted packets in the Stream Control Transmission Protocol (SCTP) to trigger a system panic and denial of service (DoS). Attackers can also flood a network with SCTP packages, loading the computer so that it no longer responds. Sun gives no details of these vulnerabilities, but says both the SPARC and x86 implementations of Solaris 10 are affected. Solaris 8 and 9, on the other hand, are said to be unaffected by this vulnerability. Sun has provided patches to rectify the problem: 127127-08 for the SPARC platform and 127128-08 for the x86 architecture. Administrators should swiftly download and apply the relevant patch.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit