Sun Microsystems announced two new security updates last night.
#102911 NFS Client Module
This update involves a security vulnerability in the NFS client module for Solaris 8, 9, and 10 on all platforms. Due to the mishandling of acl(2) packets, an attacker could cause an NFS server to panic, resulting in a Denial of Service (DoS). Sun has made patches available to address this issue. More detailed information can be found on SunSolve.
#102929 snmpd
A security vulnerability has been found in the SNMP daemon when running in “master agentx” mode in Solaris 10 on all platforms. An attacker could initiate a Denial of Service by causing a particular TCP disconnect. Sun currently has a patch available for Solaris 10 on SPARC, but suggests x86 Solaris 10 users disable “master agentx” and restart the SNMP daemon. More detailed information is available on SunSolve.
Get Slaptijack updates delivered to your Inbox or RSS Reader for free!
Leave a Reply