|
Note: This is an archival copy of Security Sun Alert 201935 as previously published on http://sunsolve.sun.com. Latest version of this security advisory is available from http://support.oracle.com as Sun Alert 1001432.1. |
Category Security Release Phase Resolved Solaris 9 Operating System Solaris 2.6 Operating System Solaris 7 Operating System Solaris 8 Operating System Bug Id 4812764 Date of Resolved Release 23-JUN-2003 Impact A local or remote unprivileged user may be able to terminate the syslogd(1M) daemon on a Solaris system by sending large sized syslog(3C) packets. As a result, system messages are no longer forwarded to log files or users as configured in the syslog.conf(4) file, which is a type of Denial of Service (DoS). This issue is described in: http://www.securityfocus.com/archive/1/324015/2003-06-05/2003-06-11/0 Sun acknowledges with thanks, David Thiel, for bringing this issue to our attention. Contributing Factors This issue can occur in the following releases: SPARC Platform
x86 Platform
Symptoms If the syslogd(1M) daemon is no longer running, the system may have encountered the described issue. The following command can be executed to check if the "/usr/sbin/syslogd" process and the syslogd(1M) daemon are running on the system: $ /usr/bin/ps -ef | grep syslogd root 336 1 0 Jun 12 ? 0:03 /usr/sbin/syslogd The output as shown above indicates that the syslogd(1M) daemon is running. Workaround There is no workaround. Please see the "Resolution" section below. Resolution This issue is addressed in the following releases: SPARC Platform
x86 Platform
Modification History References106439-13106440-14 106541-25 106542-25 110945-08 110946-08 112998-03 114932-01 Attachments This solution has no attachment | |||||||||||||||
|
|