PT-2008-5833 · Sun · Sun Solaris
Federico L. Bossi Bonin · Published 2008-10-20 · Updated 2018-10-30
CVE-2008-4619
CVSS v2.0: 10 (High)
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions
Sun Solaris version 9
Description
The issue allows remote attackers to cause a denial of service, resulting in a daemon crash, by sending a crafted request to a specific procedure in the RPC subsystem. This is related to the XDR_DECODE operation and the taddr2uaddr function.
Recommendations
For Sun Solaris version 9, consider restricting access to the RPC subsystem to minimize the risk of exploitation until a patch is available. As a temporary workaround, disabling the rpcbind service may help prevent the daemon crash.
Affected Products
Sun Solaris