Note: This is an archival copy of Security Sun Alert 200536 as previously published on http://sunsolve.sun.com.|
Latest version of this security advisory is available from http://support.oracle.com as Sun Alert 1000408.1.
Solaris 8 Operating System
Date of Resolved Release
A remote privileged user may be able to create a denial of the Domain Name System (DNS) service by killing the in.named(1M) daemon. As a result, applications, systems and devices relying on DNS may fail.
This issue can occur in the following releases:
Note: Solaris 7 and Solaris 9 are not affected by this issue.
The described issue only occurs on systems configured as an Internet DNS server. A system is configured to be a DNS server if the configuration file "/etc/named.conf" (named.conf(4)) exists.
If the described issue occurs, the in.named(1M) process is no longer running. To determine if the in.named(1M) process is running, use the pgrep(1) command as shown:
$ pgrep in.named || echo "in.named process NOT found!"
Messages may be logged to syslog(3c) with a severity of "LOG_NOTICE" whose content starts with the following:
"unapproved update from"
To work around the described issue, restart in.named(1M) using the following command as root user:
# pgrep in.named || /usr/sbin/in.named
The following simple Bourne shell script will check and restart in.named(1M) as necessary:
# while pgrep in.named || /usr/sbin/in.named; do sleep 10; done
This issue is addressed in the following releases:
This solution has no attachment