Sun Solaris BSM audit denial of service
solaris-bsm-audit-dos (16483)
Description:
Sun Solaris is vulnerable to a denial of service attack. If the Basic Security Module (BSM) is configured to audit either the Administrative (ad) or the System-Wide Administration (as) audit class, a local attacker could cause the system to panic.
Consequences:
Denial of Service
Remedy:
Apply the appropriate patch for your system, as listed below. Refer to Sun Alert ID: 57497 for more information. See References.
SPARC Platform:
Solaris 7: 106541-33 or later
Solaris 8: 109007-18 or later
Solaris 9: 114332-12 or later
x86 Platform:
Solaris 7: 106542-33 or later
Solaris 8: 109008-18 or later
Solaris 9: 116248-01 or later
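A host-side check for the condition and remedy described above, as an added example that is not part of the original advisory or any Sun tooling. It assumes the audit flags live in /etc/security/audit_control, that `showrev -p` prints lines beginning with `Patch: <id>-<rev>`, and that the script runs under ksh or bash. It does not check whether auditing is actually enabled or whether per-user flags add the classes.

```shell
# Added example. Patch IDs come from the advisory's Remedy table.
AWK=awk; if [ -x /usr/bin/nawk ]; then AWK=nawk; fi   # Solaris awk lacks -v

# audits_ad_or_as FILE: true if a flags:/naflags: line of an audit_control-style
# file turns on "ad" or "as" (or "all", assumed here to include both).
audits_ad_or_as() {
    $AWK -F: '
        $1 == "flags" || $1 == "naflags" {
            n = split($2, cls, ",")
            for (i = 1; i <= n; i++) {
                c = cls[i]; gsub(/[ \t]/, "", c)
                if (substr(c, 1, 1) == "^") continue   # "^" turns a class off
                sub(/^[+-]/, "", c)                    # success-only / failure-only
                if (c == "ad" || c == "as" || c == "all") found = 1
            }
        }
        END { exit !found }' "$1"
}

# required_patch RELEASE ARCH: minimum patch for `uname -r` / `uname -p`.
required_patch() {
    case "$2:$1" in
        sparc:5.7) echo 106541-33 ;;
        sparc:5.8) echo 109007-18 ;;
        sparc:5.9) echo 114332-12 ;;
        i386:5.7)  echo 106542-33 ;;
        i386:5.8)  echo 109008-18 ;;
        i386:5.9)  echo 116248-01 ;;
        *) return 1 ;;
    esac
}

# patch_ok REQUIRED: reads `showrev -p` output on stdin; true if the same
# patch base is installed at the required revision or later.
patch_ok() {
    $AWK -v need="$1" '
        BEGIN { split(need, r, "-") }
        $1 == "Patch:" { split($2, p, "-")
                         if (p[1] == r[1] && p[2] + 0 >= r[2] + 0) ok = 1 }
        END { exit !ok }'
}

if [ "$(uname -s)" = "SunOS" ] && audits_ad_or_as /etc/security/audit_control; then
    need=$(required_patch "$(uname -r)" "$(uname -p)") || exit 0
    showrev -p | patch_ok "$need" ||
        echo "EXPOSED: ad/as audited, patch $need or later not found"
fi
```

A later patch that obsoletes the listed one under a different base ID is not recognized by `patch_ok`; confirm such cases against the Sun Alert.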
References:
- Sun Alert ID: 57497: Security Vulnerability in Solaris Systems With Basic Security Module (BSM) Configured to Audit the "ad" or "as" Audit Class.
- BID-10594: Sun Solaris Basic Security Module Auditing Denial Of Service Vulnerability
- CVE-2004-0654: Unknown vulnerability in the Basic Security Module (BSM), when configured to audit either the Administrative (ad) or the System-Wide Administration (as) audit class in Solaris 7, 8, and 9, allows local users to cause a denial of service (kernel panic).
- SA11930: Sun Solaris Basic Security Module Denial of Service Vulnerability
- US-CERT VU#901582: Sun Solaris vulnerable to DoS when the Basic Security Module (BSM) is configured to perform auditing of specific classes
Platforms Affected:
- Sun Solaris 7.0
- Sun Solaris 8
- Sun Solaris 9
Reported:
Jun 22, 2004
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
For corrections or additions please email xforce@iss.net
