Note: This is an archival copy of Security Sun Alert 239728 as previously published on http://sunsolve.sun.com.
The latest version of this security advisory is available from http://support.oracle.com as Sun Alert 1019442.1.
Solaris 8 Operating System
Solaris 9 Operating System
Solaris 10 Operating System
Date of Resolved Release
A Security Vulnerability in picld(1M) May Allow a Denial of Service to System Monitoring and System Services
Due to a security vulnerability in the Solaris Platform Information and Control Library daemon (picld(1M)), a local unprivileged user may be able to disable system monitoring and prevent system utilities (prtdiag(1M), prtpicl(1M), prtfru(1M)) from operating properly. This is a type of Denial of Service (DoS).
2. Contributing Factors
This can occur in the following releases:
1. Solaris 8 on the x86 platform is not impacted by this issue.
2. Only OpenSolaris installations including the affected binary below are impacted by this issue.
3. OpenSolaris distributions may include additional bug fixes above and beyond the build from which they were derived. The base build can be derived as follows:
$ uname -a
If this issue has been exploited to cause a Denial of Service, invocations of prtpicl(1M), prtfru(1M) and prtdiag(1M) will not run to completion and will not display information that is normally seen.
There is no workaround that would prevent this issue from being exploited.
If the issue has been exploited, it is possible to recover from the Denial of Service state by stopping and restarting picld(1M) as follows:
For Solaris 10, issue the following command:
# svcadm restart picl
For Solaris 9 and 8, issue the following commands:
# /etc/init.d/picld stop
# /etc/init.d/picld start
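The symptom check and recovery steps above can be combined into a monitoring probe. The script below is an added example, not part of the original Sun Alert: the function names, the 30-second limit, the use of prtpicl alone as the probe, and treating a non-zero exit as failure are assumptions. It prints the restart command for the running release instead of executing it.

```shell
#!/bin/sh
# Added example (not from the Sun Alert). Run under ksh or bash on Solaris.

# Run a command ($2...) with a time limit in seconds ($1). Returns 0 only if
# the command finished on its own with exit status 0 within the limit.
runs_to_completion() {
    limit=$1; shift
    rc=0
    "$@" >/dev/null 2>&1 &
    cmd_pid=$!
    # Watchdog: kill the probe if it is still running after $limit seconds.
    ( sleep "$limit"; kill "$cmd_pid" 2>/dev/null ) >/dev/null 2>&1 </dev/null &
    dog_pid=$!
    wait "$cmd_pid" 2>/dev/null || rc=$?
    kill "$dog_pid" 2>/dev/null || true
    wait "$dog_pid" 2>/dev/null || true
    return "$rc"
}

# Print the advisory's restart command for a `uname -r` value
# (SunOS 5.10 is Solaris 10, 5.9 is Solaris 9, 5.8 is Solaris 8).
picld_restart_cmd() {
    case "$1" in
        5.10)    echo "svcadm restart picl" ;;
        5.8|5.9) echo "/etc/init.d/picld stop && /etc/init.d/picld start" ;;
        *)       return 1 ;;   # the advisory gives no command for this release
    esac
}

# Probe prtpicl(1M); if it fails or stalls, report the matching restart command.
picld_check() {
    if runs_to_completion 30 prtpicl; then
        echo "prtpicl ran to completion"
        return 0
    fi
    echo "prtpicl did not run to completion; picld may need a restart"
    if fix=$(picld_restart_cmd "$(uname -r)"); then
        echo "as root: $fix"
    else
        echo "no restart command listed for release $(uname -r)"
    fi
    return 1
}

case "${1:-}" in --check) picld_check ;; esac
```

Invoke the script with `--check` from cron or a monitoring agent; a non-zero exit means the probe failed or timed out.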
This issue is addressed in the following releases: