Category
Security
Release Phase
Resolved
ProductSolaris 8 Operating System
Bug Id
4879822
Date of Resolved Release03-SEP-2004
Impact
A remote privileged user may be able to create a denial of the Domain Name System (DNS) service by killing the in.named(1M) daemon. As a result, applications, systems and devices relying on DNS may fail.
Contributing Factors
This issue can occur in the following releases:
SPARC Platform
-
Solaris 8 without patch 109326-16
x86 Platform
-
Solaris 8 without patch 109327-16
Note: Solaris 7 and Solaris 9 are not affected by this issue.
The described issue only occurs on systems configured as an Internet DNS server. A system is configured to be a DNS server if the configuration file "/etc/named.conf" (named.conf(4)) exists.
Symptoms
If the described issue occurs, the in.named(1M) process is no longer running. To determine if the in.named(1M) process is running, use the pgrep(1) command as shown:
$ pgrep in.named || echo "in.named process NOT found!"
Messages may be logged to syslog(3c) with a severity of "LOG_NOTICE" whose content starts with the following:
"unapproved update from"
Workaround
To work around the described issue, restart in.named(1M) using the following command as root user:
# pgrep in.named || /usr/sbin/in.named
The following simple Bourne shell script will check and restart in.named(1M) as necessary:
# while pgrep in.named || /usr/sbin/in.named; do sleep 10; done
Resolution
This issue is addressed in the following releases:
SPARC Platform
-
Solaris 8 with patch 109326-16 or later
x86 Platform
-
Solaris 8 with patch 109327-16 or later
Modification History
References
109326-16
109327-16
AttachmentsThis solution has no attachment