vulnerability alert CVE-2009-2029

Solaris: denial of service of NIS

Synthesis of the vulnerability

An attacker located on a NIS client can create a denial of service on the NIS+ server.

Severity: 2/4. Creation date: 10/06/2009.

Impacted products

• OpenSolaris
• Oracle Solaris
• Oracle Trusted Solaris

Description of the vulnerability

The rpc.nisd daemon implements the NIS+ service. An attacker located on a NIS client can create a denial of service on the NIS+ server. Then, other clients cannot use the service. Technical details are unknown.

Share this bulletin

Complete Vigil@nce bulletin

Solaris: denial of service of NIS

Characteristics

Title: Solaris: denial of service of NIS. Keywords: NIS Solaris denial service. Identifiers: 256748, 6466160, BID-35276, CVE-2009-2029, VIGILANCE-VUL-8791.

Information sources

Publications and announces Source example: A Security Vulnerability in the Solaris rpc.nisd(1M) Daemon may Cause a Denial of Service (DoS) Condition to a NIS+ Server

Solutions for this vulnerability

Patch or workaround

Computer vulnerabilities tracking service

Vigil@nce provides software vulnerability bulletins. The Vigil@nce vulnerability database contains several thousand vulnerabilities. The Vigil@nce team tracks computer vulnerabilities impacting systems and applications. Each administrator can customize the list of products for which he wants to receive vulnerability alerts.