Solaris Solstice X.25 Crafted SNMP Request DoS

2003-10-22T00:00:00
ID OSVDB:2750
Type osvdb
Reporter OSVDB
Modified 2003-10-22T00:00:00

Description

Vulnerability Description

X.25 contains a flaw that may allow a remote denial of service. The issue is triggered when malformed SNMP Requests are mishandled by the snmpx25d daemon, and will result in loss of availability for the X.25 service.

Technical Description

SPARC Platform Patches:
X.25 9.1 (for Solaris 2.4, 2.5, 2.5.1, 2.6, and 7): 105084-17
X.25 9.2 (for Solaris 7, 8, and 9): 108669-06

x86 Platform Patches:
X.25 9.1 (for Solaris 2.4, 2.5, 2.5.1, 2.6, and 7): 105188-17
X.25 9.2 (for Solaris 7, 8, and 9): 108670-06

Solution Description

Currently, there are no known workarounds or upgrades to correct this issue. However, Sun Microsystems has released a patch to address this vulnerability.

Short Description

X.25 contains a flaw that may allow a remote denial of service. The issue is triggered when malformed SNMP Requests are mishandled by the snmpx25d daemon, and will result in loss of availability for the X.25 service.

References:

Vendor Specific Solution URL: http://sunsolve.sun.com/pub-cgi/findPatch.pl?patchId=105084&rev=17 Vendor Specific Solution URL: http://sunsolve.sun.com/pub-cgi/findPatch.pl?patchId=108669&rev=06 Vendor Specific Solution URL: http://sunsolve.sun.com/pub-cgi/findPatch.pl?patchId=105188&rev=17 Vendor Specific Solution URL: http://sunsolve.sun.com/pub-cgi/findPatch.pl?patchId=108670&rev=06 Vendor Specific Advisory URL Secunia Advisory ID:10063 Related OSVDB ID: 3175 CERT VU: 854306 CERT: CA-2002-03