Note: This is an archival copy of Security Sun Alert 201252 as previously published on http://sunsolve.sun.com.
The latest version of this security advisory is available from http://support.oracle.com as Sun Alert 1000936.1.
Solaris 10 Operating System
Date of Resolved Release
A security vulnerability in Solaris 10 SCTP INIT processing (see sctp(7P)) may allow a privileged remote user to panic the system, resulting in a Denial of Service (DoS).
This issue can occur in the following releases:
Note: Solaris 8 and Solaris 9 are not impacted by this issue.
This issue only affects systems with an "SCTP" socket in the "LISTEN" state. To determine if a host has such a socket, the following command may be used:
$ netstat -an -P sctp | grep LISTEN
If the system does not have any "SCTP" sockets in the "LISTEN" state, it is not vulnerable to this issue.
Should the described issue occur, the system may panic with a stack trace similar to the following:
    ...
    sctp_lookup_faddr_nosctp
    sctp_secure_restart_check
    sctp_process_cookie
    ...
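The two checks above (a listening SCTP socket, and a panic stack containing the three frames in the order shown) can be scripted for triage. This is an added example, not part of the original Sun Alert; the function names and the sample panic text are constructed, and a POSIX awk is assumed.

```sh
#!/bin/sh
# Added example: names and sample text below are constructed for illustration.

# Frames from the advisory's stack trace, in the order the advisory lists them.
FRAMES="sctp_lookup_faddr_nosctp sctp_secure_restart_check sctp_process_cookie"

# Read `netstat -an -P sctp` output on stdin; succeed if any socket is in LISTEN.
has_sctp_listener() {
    awk '/LISTEN/ { found = 1 } END { exit (found ? 0 : 1) }'
}

# Read panic text on stdin; succeed only if all three frames occur in order.
# Lines are split on non-symbol characters, so a module prefix or "+0x..."
# offset around a frame is ignored and a longer symbol name is not a match.
panic_matches_alert() {
    awk -v frames="$FRAMES" '
        BEGIN { n = split(frames, want, " "); idx = 1 }
        {
            m = split($0, tok, /[^A-Za-z0-9_]+/)
            for (i = 1; i <= m && idx <= n; i++)
                if (tok[i] == want[idx]) idx++
        }
        END { exit ((idx > n) ? 0 : 1) }
    '
}

# Constructed panic excerpt (not from a real system); the module prefix,
# offsets and the outer frame are placeholders.
sample_panic() {
    cat <<'EOF'
panic: constructed sample
  ip:sctp_lookup_faddr_nosctp+0x3c ()
  ip:sctp_secure_restart_check+0x1a8 ()
  ip:sctp_process_cookie+0x2f4 ()
  ip:placeholder_outer_frame+0x10 ()
EOF
}

if sample_panic | panic_matches_alert; then
    echo "panic stack matches the SCTP INIT trace in this alert"
fi
```

On a live host the first check is `netstat -an -P sctp | has_sctp_listener`; the second takes the saved panic messages on stdin.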
There is no workaround. Please see the "Resolution" section below.
This issue is addressed in the following releases: