Sunday, February 4, 2007

Sun Fixes Ping of Death Flaw in Solaris 10

Via IT Observer -

Sun Microsystems has issued a security update intended for computers running the Sun Solaris 10 operating system. The update patches a security vulnerability that could cause a kernel panic by sending one false ICMP request.

The vendor does not disclose the conditions required for the attack to occur, but in its security advisory, Sun suggests testing whether a system responds to ICMP echo requests using a normal ping utility.

"A security vulnerability in the Solaris 10 ICMP handling process may allow a remote unprivileged user to panic the system, resulting in a Denial of Service (DoS) condition," states the advisory.

Sun has released an update to fix the problem.

----------------------------------------------------------

More info here and here.

While you are patching your Sun boxes, you might as well patch the Loopback FileSystem Security Bypass vulnerability too.
