PT-2002-2311 · Sun · Sun Solaris

Published

2002-12-03

Updated

2018-10-30

CVE-2002-1586

CVSS v2.0

2.1

Low

Vector

AV:L/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions Sun Solaris versions 2.5.1 through 9

Description The issue allows local users to cause a denial of service, resulting in a kernel panic. This is achieved by setting the sd struiowrq variable in the struioget function to null, which triggers a null dereference.

Recommendations For Sun Solaris versions 2.5.1 through 9, as a temporary workaround, consider restricting access to the struioget function until a patch is available.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2002-1586

Affected Products

Sun Solaris

PT-2002-2311 · Sun · Sun Solaris

CVE-2002-1586

Related Identifiers

Affected Products

References · 5