Category
Security
Release Phase
Resolved
Product
Solaris 9 Operating System
Solaris 10 Operating System
Solaris 8 Operating System
Bug Id
6404337
Date of Resolved Release
26-JUN-2007
Impact
A security vulnerability in the Solaris libsldap library may allow a local unprivileged user to disable the Name Service Caching Daemon (see nscd(1M)). Name service lookups then become slower because caching no longer occurs, resulting in a Denial of Service (DoS) condition.
Contributing Factors
This issue can occur in the following releases:
SPARC Platform
- Solaris 8 without patch 126373-02
- Solaris 9 without patch 112960-40
- Solaris 10 without patch 120036-07
x86 Platform
- Solaris 8 without patch 126374-02
- Solaris 9 without patch 114242-27
- Solaris 10 without patch 120037-07
Note: This issue only affects hosts which are configured as LDAP clients. The existence of the ldap_cachemgr(1M) process indicates that a host is configured as an LDAP client. This can be determined by using the following command:
$ pgrep ldap_cachemgr || echo "system is not an LDAP client"
Symptoms
On Solaris 8 and 9, the nscd(1M) daemon will core dump and stop running. On Solaris 10, the nscd(1M) daemon will core dump and will be restarted automatically by the Service Management Facility (SMF; see smf(5)).
Workaround
There is no workaround for this issue. Please see the Resolution section below.
Resolution
This issue is addressed in the following releases:
SPARC Platform
- Solaris 8 with patch 126373-02 or later
- Solaris 9 with patch 112960-40 or later
- Solaris 10 with patch 120036-07 or later
x86 Platform
- Solaris 8 with patch 126374-02 or later
- Solaris 9 with patch 114242-27 or later
- Solaris 10 with patch 120037-07 or later
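The LDAP-client check from Contributing Factors and the patch levels from Resolution can be combined into one script. This is an added example, not part of the original advisory and not vendor code. It assumes a POSIX shell (ksh or /usr/xpg4/bin/sh on Solaris) and the `Patch: <id>-<rev> ...` line format of `showrev -p`; the function names and the sample output are constructed for illustration.

```shell
#!/bin/sh
# Added example, not vendor code. Patch IDs and revisions are the ones
# listed in this advisory; function names are hypothetical.

# Map `uname -r` / `uname -p` to the first fixed patch revision.
required_patch() {
    case "$1/$2" in
        5.8/sparc)  echo 126373-02 ;;
        5.9/sparc)  echo 112960-40 ;;
        5.10/sparc) echo 120036-07 ;;
        5.8/i386)   echo 126374-02 ;;
        5.9/i386)   echo 114242-27 ;;
        5.10/i386)  echo 120037-07 ;;
        *) return 1 ;;
    esac
}

# Read `showrev -p` text on stdin; succeed if patch $1, or a later
# revision of the same patch ID, is listed.
patch_ok() {
    base=${1%-*}; rev=${1#*-}; rev=${rev#0}
    while read -r tag id rest; do
        [ "$tag" = "Patch:" ] && [ "${id%-*}" = "$base" ] || continue
        cur=${id#*-}
        [ "${cur#0}" -ge "$rev" ] && return 0
    done
    return 1
}

# $1 release, $2 arch, $3 "yes" if ldap_cachemgr is running, $4 showrev text.
assess() {
    need=$(required_patch "$1" "$2") || { echo not-covered; return 0; }
    [ "$3" = yes ] || { echo not-ldap-client; return 0; }
    if printf '%s\n' "$4" | patch_ok "$need"; then echo patched
    else echo "needs $need"; fi
}

# Live use on the host itself: call check_host.
check_host() {
    ldap=no; pgrep ldap_cachemgr >/dev/null && ldap=yes
    assess "$(uname -r)" "$(uname -p)" "$ldap" "$(showrev -p)"
}

# Constructed sample of `showrev -p` output (not from a real system).
SAMPLE='Patch: 120036-05 Obsoletes:  Requires:  Incompatibles:  Packages: SUNWexample
Patch: 999999-01 Obsoletes:  Requires:  Incompatibles:  Packages: SUNWexample'
assess 5.10 sparc yes "$SAMPLE"    # prints: needs 120036-07
```

The comparison only matches the patch IDs named above; a fix delivered through a different patch that obsoletes one of them is reported as missing.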
References
120036-07
112960-40
120037-07
114242-27
126374-02
126373-02