Contactez-nous Suivez-nous sur Twitter En francais English Language

De la Théorie à la pratique

Abonnez-vous gratuitement à notre NEWSLETTER

Newsletter FR

Newsletter EN


Se désabonner

Vigil@nce : Solaris, denial of service of picld

août 2008 par Vigil@nce


An attacker can send requests to picld daemon, theses last will generate a denial of service.

Gravity : 1/4

Consequences : denial of service of service

Provenance : user shell

Means of attack : no proof of concept, no attack

Ability of attacker : expert (4/4)

Confidence : confirmed by the editor (5/5)

Diffusion of the vulnerable configuration : high (3/3)

Creation date : 31/07/2008

Identifier : VIGILANCE-VUL-7983


- OpenSolaris [confidential versions]
- Sun Solaris [confidential versions]
- Sun Trusted Solaris [confidential versions]


PICL (Platform information and control library) is composed by a "picld" daemon and a "libpicl" API. This service can be used to obtain information about the computer.

The prtdiag, prtpicl, prtfru commands are compiled with libpicl. When the user uses theses commands, the libpicl API requests the daemon.

The prtdiag, prtpicl, prtfru commands lead to the usage of a door (handle to access resource) creation function. When the door_create function fails, for example if resources are exhausted, the lock is not freed. The daemon thus keeps this lock and block the access to others threads.

An attacker can therefore send requests to picld daemon, theses last will generate a denial of service.


Identifiers : 239728, 6547926, VIGILANCE-VUL-7983

Voir les articles précédents


Voir les articles suivants