This issue can occur in the following releases:
SPARC Platform
- Solaris 8 without patch 116965-33
- Solaris 9 without patch 114344-35
- Solaris 10 without patch 119998-01
x86 Platform
- Solaris 8 without patch 116966-32
- Solaris 9 without patch 119435-23
- Solaris 10 without patch 119999-01
Note: This issue affects hosts where the ndd(1M) tunable 'tcp_conn_req_max_q0' is set considerably higher than the default value of 1024. The higher the value, the greater the impact of this issue if it is exploited on a host. A value close to or less than 1024 does not make the system immune to a Denial of Service (DoS), but it decreases the impact of a DoS on the system.
To determine the value of the 'tcp_conn_req_max_q0' tunable, the following command can be used:
$ ndd -get /dev/tcp tcp_conn_req_max_q0
1024
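The tunable check above can be combined with the patch list into one host check. The script below is an added example, not part of the original advisory: it maps the host's platform and release to the patch listed above, looks for that patch at the listed revision or later, and reports the tunable relative to 1024. The function names and the use of `uname` and `showrev -p` to gather the inputs are assumptions of this example.

```shell
#!/bin/sh
# Added example, not from the advisory. Needs a POSIX shell (ksh or bash on
# Solaris; the legacy /bin/sh lacks ${var%pattern}).
DEFAULT_Q0=1024   # default tcp_conn_req_max_q0 stated in the advisory

# required_patch ARCH RELEASE -> patch ID from the advisory's list.
# ARCH/RELEASE are `uname -p` / `uname -r` values (assumed: sparc|i386, 5.8..5.10).
required_patch() {
    case "$1/$2" in
        sparc/5.8)  echo 116965-33 ;;
        sparc/5.9)  echo 114344-35 ;;
        sparc/5.10) echo 119998-01 ;;
        i386/5.8)   echo 116966-32 ;;
        i386/5.9)   echo 119435-23 ;;
        i386/5.10)  echo 119999-01 ;;
        *) return 1 ;;
    esac
}

# patch_installed PATCHID < `showrev -p` output
# True if the same base patch is present at the listed revision or later.
patch_installed() {
    req_base=${1%-*}; req_rev=${1#*-}
    while read -r tag id rest; do
        [ "$tag" = "Patch:" ] && [ "${id%-*}" = "$req_base" ] || continue
        if [ "${id#*-}" -ge "$req_rev" ]; then return 0; fi
    done
    return 1
}

# assess ARCH RELEASE Q0 < `showrev -p` output -> one-line verdict
assess() {
    req=$(required_patch "$1" "$2") || { echo "release not listed"; return 0; }
    if patch_installed "$req"; then echo "patched ($req or later)"; return 0; fi
    if [ "$3" -gt "$DEFAULT_Q0" ]; then
        echo "unpatched, q0=$3 above default $DEFAULT_Q0: higher impact"
    else
        echo "unpatched, q0=$3 at or below default $DEFAULT_Q0: lower impact"
    fi
}

# On a Solaris host, feed in the live values; elsewhere this does nothing.
if [ -x /usr/sbin/ndd ] && [ -x /usr/bin/showrev ]; then
    showrev -p | assess "$(uname -p)" "$(uname -r)" \
        "$(ndd -get /dev/tcp tcp_conn_req_max_q0)"
fi
```

The check matches only the patch ID listed above; a later patch that obsoletes it under a different ID is not recognised and would be reported as unpatched.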