Vulnerability Note VU#379390

Sun Solaris contains a vulnerability in the tcsetattr() library function

Original Release date: 31 Mar 2004 | Last revised: 05 Apr 2004

Overview

A vulnerability in the Sun Solaris tcsetattr() library function could allow a unprivileged local user to cause the system to hang.

Description

Sun Solaris uses a tcsetattr() library function to set the parameters associated with the terminal. There is an unspecified vulnerability in the tcsetattr() library function that could allow a local user to cause the system to hang, resulting in a denial-of-service condition. According to Sun, this only affects SPARC-based systems.

Impact

An unprivileged local user could cause the system to hang, resulting in a denial-of-service condition. In order to restore functionality, the system may need to be rebooted.

Solution

Apply Patch

Sun has issued an advisory to address this issue. For information on patches available for your system, please refer to the Sun Security Advisory.

Systems Affected (Learn More)

VendorStatusDate NotifiedDate Updated
Sun Microsystems Inc.Affected-31 Mar 2004
If you are a vendor and your product is affected, let us know.

CVSS Metrics (Learn More)

Group Score Vector
Base N/A N/A
Temporal N/A N/A
Environmental N/A N/A

References

Credit

This vulnerability was reported by Sun Microsystems Inc.

This document was written by Damon Morda.

Other Information

  • CVE IDs: Unknown
  • Date Public: 30 Jan 2004
  • Date First Published: 31 Mar 2004
  • Date Last Updated: 05 Apr 2004
  • Severity Metric: 2.64
  • Document Revision: 10

Feedback

If you have feedback, comments, or additional information about this vulnerability, please send us email.