Sun Solaris UFS logging enabled denial of service

solaris-ufs-logging-dos (11481) The risk level is classified as Medium Risk

Description:

The Unix File System (UFS) in Sun Solaris is vulnerable to a denial of service attack. If the "logging" option is enabled, a local attacker with limited system privileges could cause the UFS file system to become unresponsive. The system must be restarted to regain normal functionality.


Consequences:

Denial of Service

Remedy:

Apply patch 113454-04 or later, as listed in Sun Alert ID: 51300. See References.

References:

  • Sun Alert ID: 51300: UFS File Systems With Logging Enabled are Vulnerable to a Denial of Service (DoS) Attack.
  • BID-7032: Solaris UFS File System Logging Denial Of Service Vulnerability
  • CVE-2003-1077: Unknown vulnerability in UFS for Solaris 9 for SPARC, with logging enabled, allows local users to cause a denial of service (UFS file system hang).
  • SA8234: SUN Solaris UFS File System Denial of Service
  • SECTRACK ID: 1006233: Solaris UFS File System May Allow Local Users to Deny Service

Platforms Affected:

  • Sun Solaris 9

Reported:

Mar 05, 2003

The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

For corrections or additions please email xforce@iss.net
