The Third Party Vulnerability Resolution Blog covers CVEs and patches in Systems product suite.

Sun Alert 103082 Security Vulnerability in the Solaris RPC Services Library (librpcsvc(3LIB)) may Lead to a Denial of Service (DoS) Against Networked File Systems

Guest Author
Product: Solaris 9 Operating System, Solaris 10 Operating System, Solaris 8 Operating System

A security vulnerability in the Solaris RPC services library (librpcsvc(3LIB)) may allow a local unprivileged user to crash the automountd(1M) daemon on a system if the user invokes the automountd(1M) service to access a remote NFS server which exports a large number of file systems.

This vulnerability may also allow a remote unprivileged user to crash the mountd(1M) service on an NFS server which exports a large number of file systems. This would prevent further access to the NFS shares on NFS client systems.

The ability to crash the automountd(1M) and the mountd(1M) services is a type of Denial of Service against networked file systems.

Avoidance: Patch, Workaround
State: Resolved
First released: 13-Oct-2007

Join the discussion

Comments ( 1 )
Please enter your name.Please provide a valid email address.Please enter a comment.CAPTCHA challenge response provided was incorrect. Please try again.