Note: This is an archival copy of Security Sun Alert 201710 as previously published on http://sunsolve.sun.com.
Latest version of this security advisory is available from http://support.oracle.com as Sun Alert 1001262.1.
Article ID : 1001262.1
Article Type : Sun Alerts (SURE)
Last reviewed : 2010-01-24
Audience : PUBLIC
Copyright Notice: Copyright © 2010, Oracle Corporation and/or its affiliates.

Sun Linux 5.0 Denial of Service Vulnerability in "nfs-utils" Package Version 1.0.3 and Earlier

Category
Security

Release Phase
Resolved

Bug Id
4890279

Date of Resolved Release
04-SEP-2003

Impact

Linux 5.0 NFS may allow remote unprivileged users to cause a denial of service and possibly execute arbitrary code via certain RPC requests.

Additional information is available at:


Contributing Factors

This issue can occur in the following releases:

Sun Linux Platform

  • Sun Linux 5.0 with nfs-utils versions 0.3.0 or earlier

To identify the nfs-utils version execute the command "rpm -q nfs-utils".

Note: Sun Linux 5.0 is currently shipped with the Sun LX50 Server.


Symptoms

There are no predictable symptoms that would show the described issue has been exploited.


Workaround

There is no workaround. Please see the "Resolution" section below.


Resolution

This issue is addressed in the following releases:

Sun Linux Platform

  • Sun Linux 5.0 with nfs-utils versions 0.3.1-14.72 or later

Sun Linux patches for this issue are available at: http://sunsolve.sun.com/patches/linux/security.html.



Modification History
Date: 04-SEP-2003
  • State: Resolved
  • Updated Contributing Factors and Resolution sections


Product
Sun Linux 5.0


























Attachments
This solution has no attachment