Category
Security
Release Phase
Resolved
ProductSolaris 9 Operating System
Solaris 10 Operating System
Solaris 8 Operating System
Bug Id
6266921
Date of Resolved Release25-SEP-2006
Impact
A security vulnerability may allow a local unprivileged user to disable the syslog(3c) function, resulting in the failure of messages to be written to the system log. Disabling of system logging constitutes a Denial of Service (DoS).
Contributing Factors
This issue can occur in the following releases:
SPARC Platform
- Solaris 8 without patch 117350-38
- Solaris 9 without patch 118558-29
- Solaris 10 without patch 118833-19
x86 Platform
- Solaris 8 without patch 117351-38
- Solaris 9 without patch 118559-29
- Solaris 10 without patch 118855-16
Symptoms
Messages written by the logger(1) utility or applications calling syslog(3c) do not appear in the log files configured in syslog.conf(4).
Workaround
There is no workaround for this issue. Please see the Resolution section below.
Resolution
This issue is addressed in the following releases:
SPARC Platform
- Solaris 8 with patch 117350-38 or later
- Solaris 9 with patch 118558-29 or later
- Solaris 10 with patch 118833-19 or later
x86 Platform
- Solaris 8 with patch 117351-38 or later
- Solaris 9 with patch 118559-29 or later
- Solaris 10 with patch 118855-16 or later
References
117350-38
117351-38
118558-29
118559-29
118833-19
118855-16
AttachmentsThis solution has no attachment