CERT-In Vulnerability Note CIVN-2008-105
Vulnerability in Solaris snmpXdmid
Original Issue Date:
July 11, 2008
Severity Rating:
Medium
System Affected
- Solaris 8
- Solaris 9
- Solaris 10
Overview
A Vulnerability has been reported in Solaris snmpXdmid which could allow a remote attacker to cause Denial of Service (DoS) condition.
Description
The snmpXdmid utility is a subagent in the Solstice Enterprise Agent Desktop Management Interface package running on Solaris. A security vulnerability exists in the Solaris snmpXdmid. This vulnerability is due to unspecified error which exists in snmpXdmid and it may allow a local or remote unprivileged user to kill the daemon process by sending malformed packets. This vulnerability may lead to Denial of Service (DoS) condition on the affected host.
Solutions
Apply appropriate patches as suggested by vendor
- SPARC Platform
- Solaris 8 with patch 108869-35 or later
- Solaris 9 with patch 137402-01 or later
- Solaris 10 with patch 128415-01 or later
- x86 Platform
- Solaris 8 with patch 108870-35 or later
- Solaris 9 with patch 137403-01 or later
- Solaris 10 with patch 128416-01 or later
Vendor Information
SUN
http://sunsolve.sun.com/search/document.do?assetkey
=1-66-237985-1
References
SUN
http://sunsolve.sun.com/search/document.do?assetkey
=1-66-237985-1
SecurityFocus
http://www.securityfocus.com/bid/29965/
Disclaimer
The information provided herein is on "as is" basis, without warranty of any kind.
Contact Information
Phone: +91-11-24368572
Postal address
Indian Computer Emergency Response Team (CERT-In)
Ministry of Communications and Information Technology
Electronics Niketan
6, C.G.O. Complex
New Delhi-110 003
|
