Vigil@nce : Solaris, denial of service of snmpXdmid
June 2008 by Vigil@nce
SYNTHESIS
A network attacker can send malformed packets in order to stop
snmpXdmid.
Gravity: 2/4
Consequences: denial of service of service
Provenance: intranet client
Means of attack: no proof of concept, no attack
Ability of attacker: expert (4/4)
Confidence: confirmed by the editor (5/5)
Diffusion of the vulnerable configuration: high (3/3)
Creation date: 27/06/2008
Identifier: VIGILANCE-VUL-7919
IMPACTED PRODUCTS
– Sun Solaris [confidential versions]
– Sun Trusted Solaris [confidential versions]
DESCRIPTION
The DMI (Desktop Management Interface) protocol is similar to the
SNMP protocol. The Sun Solstice Enterprise SNMP-DMI
(/usr/lib/dmi/snmpXdmid) daemon establishes a bridge between these
protocols. For example, "DMI indications" are converted to "SNMP
trap".
A network attacker can send malformed packets in order to stop
snmpXdmid.
Technical details are unknown.
CHARACTERISTICS
Identifiers: 237985, 6450410, VIGILANCE-VUL-7919