27 January 2009, 12:43
DoS vulnerability in Sun Solaris 10
An exploit has been reported on the Full Disclosure security mailing list for Sun Solaris 10 on x86 based systems. The exploit can cause a kernel panic via an IPv6 vulnerability. It only takes a single crafted IPv6 packet to be sent to a system to cause the kernel panic.
The exact cause of the problem is still unknown. The author of the post on the exploit, who goes by the pseudonym of 'Kingcope', has said that the crash dump entries show that there is a problem in connection to the IPSec. A patch is not yet available and the only current solution may be to switch off IPv6 support.
See also:
- Solaris Devs Are Smoking Pot, Exploit from Kingcope
(crve)
Print Version | Send by email
| Permalink: http://h-online.com/-739831
![Kernel Log: Coming in 3.10 (Part 3) [--] Infrastructure](/imgs/43/1/0/4/2/6/7/2/comingin310_4_kicker-4977194bfb0de0d7.png)
![Kernel Log: Coming in 3.10 (Part 3) [--] Infrastructure](/imgs/43/1/0/4/2/3/2/3/comingin310_3_kicker-151cd7b9e9660f05.png)
