CVE-2003-1563

Name of the Vulnerable Software and Affected Versions Sun Cluster versions 2.2 through 3.2 for Oracle Parallel Server / Real Application Clusters (OPS/RAC)

Description The issue allows local users to cause a denial of service, potentially leading to a cluster node panic or abort. This can be achieved by launching a daemon that listens on a TCP port that would otherwise be used by the Distributed Lock Manager (DLM). The daemon may respond in a manner that spoofs a cluster reconfiguration, triggering the denial of service.

Recommendations For Sun Cluster versions 2.2 through 3.2, consider restricting access to the TCP ports used by the Distributed Lock Manager (DLM) to prevent unauthorized daemons from listening on these ports. As a temporary workaround, consider disabling the DLM or restricting its functionality until a patch is available.