Note: This is an archival copy of Security Sun Alert 260951 as previously published on http://sunsolve.sun.com.|
Latest version of this security advisory is available from http://support.oracle.com as Sun Alert 1020570.1.
Solaris 10 Operating System
Date of Resolved Release
A Security Vulnerability in the Solaris IP Filter (ipf(5)) May Lead to a Denial of Service (DoS) Condition
A security vulnerability in the Solaris IP Filter (ipfilter(5)) may allow a local or remote unprivileged user to panic the system. This is a type of Denial of Service (DoS).
2. Contributing Factors
This issue can occur in the following releases:
1. Solaris 8 and 9 do not bundle ipfilter(5) and are not impacted by this issue.
2. Only OpenSolaris installations including the following binary are impacted by this issue:
3. OpenSolaris distributions may include additional bug fixes above and beyond the build from which it was derived. The base build can be derived as follows:
$ uname -v4. A system is only vulnerable to this issue, if it uses IP Filter (ipfilter(5)). To determine if a system is using IP Filter, the following command can be run:
# svcs -xv ipfilterThe above output indicates that ipfilter(5) is not running and the system is not vulnerable to this issue.
If the described issue occurs, the system may panic with a stack trace similar to the following:
To work around this issue, disable ipfilter by using the following command:
# svcadm disable ipfilterNote: Disabling the ipfilter(5) will deactivate all packet filtering rules configured on the system using ipf(1M).
This issue is addressed in the following releases:
Copyright 2000-2009 Sun Microsystems, Inc., 4150 Network Circle, Santa Clara, CA 95054 U.S.A. All rights reserved.
This solution has no attachment