
CERT Coordination Center

Sun Solaris lockd(1M) daemon vulnerable to DoS

Vulnerability Note VU#855635

Original Release Date: 2003-02-05 | Last Revised: 2003-02-06


A remotely exploitable denial-of-service vulnerability exists in the Solaris lockd(1M) daemon. Exploitation of this vulnerability may kill the lockd process.


Sun Microsystems describes the lockd(1M) daemon as follows:

The lockd utility is part of the NFS lock manager, which supports record locking operations on NFS files. The lock manager provides two functions:

• it forwards fcntl(2) locking requests for NFS mounted file systems to the lock manager on the NFS server
• it generates local file locking operations in response to requests forwarded from lock managers running on NFS client machines

A vulnerability in the lockd(1M) daemon may allow a remote attacker to terminate the lockd(1M) process. A tool to exploit this vulnerability is publicly available.


A remote attacker can terminate the lockd(1M) daemon.


Apply a patch. For more information about the patches, please see Sun Alert Notification 47815.

Vendor Information


Sun Microsystems Inc. Affected

Notified: August 16, 2002 | Updated: February 05, 2003



Vendor Statement

Sun confirms that this NFS Denial of Service does affect the following supported versions of Solaris:

Solaris 2.6, 7, 8, and 9

Patches are available for the above Solaris versions and are listed in Sun Alert 47815:


Sun patches are available from:

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.


The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.




The CERT/CC thanks Phil Moses of UC San Diego for reporting this vulnerability to us.

This document was written by Ian A Finlay.

Other Information

CVE IDs: CVE-2002-1228
Severity Metric: 8.10
Date Public: 2003-01-02
Date First Published: 2003-02-05
Date Last Updated: 2003-02-06 18:00 UTC
Document Revision: 11

Sponsored by CISA.