Vulnerability Note VU#390742

Sun Solaris Volume Manager (SVM) fails to properly handle malformed probe requests

Original Release date: 26 Jul 2004 | Last revised: 26 Jul 2004

Overview

There is a vulnerability in the Sun Solaris Volume Manager (SVM) that could allow a local user to cause a denial-of-service condition.

Description

The Sun Volume Manager is a component of the Solaris operating system and provides disk and storage management. There is a vulnerability in the way the Sun Volume Manager handles certain types of probe requests. By supplying an incorrectly formed probe request, a local user could cause a denial-of-service condition on a Solaris 9 system with this service configured.

Impact

A local user could cause a denial-of-service condition.

Solution

Apply patch

Sun has issued an advisory which addresses this issue. For more information on patches available for your system, please refer to Sun Security Alert 57598.

Systems Affected (Learn More)

VendorStatusDate NotifiedDate Updated
Sun Microsystems Inc.Affected-26 Jul 2004
If you are a vendor and your product is affected, let us know.

CVSS Metrics (Learn More)

Group Score Vector
Base N/A N/A
Temporal N/A N/A
Environmental N/A N/A

References

Credit

This vulnerability was reported by Sun Microsystems.

This document was written by Damon Morda.

Other Information

  • CVE IDs: Unknown
  • Date Public: 16 Jul 2004
  • Date First Published: 26 Jul 2004
  • Date Last Updated: 26 Jul 2004
  • Severity Metric: 2.70
  • Document Revision: 7

Feedback

If you have feedback, comments, or additional information about this vulnerability, please send us email.