Note: This is an archival copy of Security Sun Alert 200165 as previously published on http://sunsolve.sun.com.|
Latest version of this security advisory is available from http://support.oracle.com as Sun Alert 1000120.1.
Solaris 9 Operating System
Solaris 10 Operating System
Solaris 8 Operating System
Date of Resolved Release
A security vulnerability in the vuidmice(7M) STREAMS modules may allow a local unprivileged user who has access to the system console device (console(7D)) to render the console unusable, which is a type of Denial of Service (DoS).
This issue can occur in the following releases:
Note 1: Solaris on the SPARC platform is not impacted by this issue.
Note 2: This issue requires users to have access to the system console device in order to be exploited.
If this issue is exploited, it may render the system console device unusable and may cause garbled characters to be printed on the console. In addition, on Solaris 10 systems, this issue may cause smf(5) to print the following error message on the system console in a continuous loop:
Requesting System Maintenance Mode (See /lib/svc/share/README for more information.) Console login service(s) cannot run
There is no workaround for this issue. Please see the "Resolution" section below.
This issue is addressed in the following releases:
This solution has no attachment