Sun Microsystems Inc. Information for VU#266817
Multiple Sun RPC-based libc implementations fails to provide time-out mechanism when reading data from TCP connections
Sun confirms that this denial-of-service vulnerability does affect the following supported versions of Solaris:
Solaris 2.6 and 7
Solaris 8 and 9 are not affected by this issue.
Patches are available for Solaris 2.6 and 7 and are listed in a Sun Alert soon to be available from:
Sun patches are available from:
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.