Info

Disclosure

May 06, 2008

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Unknown

Description

Sun Solaris contains a flaw that may allow a remote denial of service. The issue is triggered when a hosts 'tcp_conn_req_max_q0' tunable setting is set higher than 1024 and the host is undergoing a SYN flood attack, and will result in loss of availability for the platform.

Classification

Location: Remote/Network Access Required
Attack Type: Denial of Service
Impact: Loss of Availability
Solution: Workaround, Patch
Exploit: Exploit Unknown
Disclosure: Vendor Verified

Solution

Sun Microsystems has released a patch to address this issue. Additionally, it is possible to correct the flaw by implementing the following workaround(s): ndd -set /dev/tcp tcp_conn_req_max_q0 1024

Products

Sun Microsystems, Inc.

Solaris

References

FrSIRT Advisory: ADV-2008-1453
Bugtraq ID: 29089
Other Advisory URL: http://support.avaya.com/elmodocs2/security/ASA-2008-206.htm
ISS X-Force ID: 42264
Vendor Specific Advisory URL: http://sunsolve.sun.com/search/document.do?assetkey=1-66-200864-1
Secunia Advisory ID: 30125 30131
CVE ID: 2008-2121 (see also: NVD)
Security Tracker: 1019989

Credit

Unknown or Incomplete

Direct URL: http://osvdb.org/36218