Vigil@nce: Solaris, denial of service of NFS RPC
August 2008 by Vigil@nce
A privileged local attacker can create a denial of service on NFS.
– Gravity: 1/4
– Consequences: denial of service of service
– Provenance: user shell
– Means of attack: no proof of concept, no attack
– Ability of attacker: expert (4/4)
– Confidence: confirmed by the editor (5/5)
– Diffusion of the vulnerable configuration: high (3/3)
– Creation date: 28/08/2008
– Identifier: VIGILANCE-VUL-8069
IMPACTED PRODUCTS
– OpenSolaris [confidential versions]
– Sun Solaris [confidential versions]
DESCRIPTION
The NFS service is used to share files. It is based on RPC (Remote
Procedure Calls).
The administrator can define zones in order to partition services
offered by the system. For example, there can be a non global zone
containing untrusted users, and another zone containing the NFS
service.
However, in this configuration, an administrator in the first zone
can disturb the RPC on the second zone, and thus create a denial
of service on NFS. It can be noted that Secure NFS is not impacted.
A privileged local attacker can therefore create a denial of
service on NFS.
CHARACTERISTICS
– Identifiers: 240866, 6655251, CVE-2008-3838, VIGILANCE-VUL-8069
– Url: https://vigilance.aql.fr/tree/1/8069