CVE-2009-2596

Name of the Vulnerable Software and Affected Versions Sun Solaris versions 9 and 10 OpenSolaris versions prior to snv 121

Description The issue is related to an unspecified vulnerability in the Solaris Auditing subsystem. It affects systems when extended file attributes are used, allowing local users to cause a denial of service (panic) through vectors related to fad aupath structure members.

Recommendations For Sun Solaris versions 9 and 10, update to a version that includes the fix for this issue. For OpenSolaris versions prior to snv 121, update to a version snv 121 or later. As a temporary workaround, consider restricting the use of extended file attributes until a patch is available.