---------------------------------------------------------------------- Secunia is pleased to announce the release of the annual Secunia report for 2008. Highlights from the 2008 report: * Vulnerability Research * Software Inspection Results * Secunia Research Highlights * Secunia Advisory Statistics Request the full 2008 Report here: http://secunia.com/advisories/try_vi/request_2008_report/ Stay Secure, Secunia ---------------------------------------------------------------------- TITLE: Sun Solaris DTrace ioctl Handlers Denial of Service SECUNIA ADVISORY ID: SA34836 VERIFY ADVISORY: http://secunia.com/advisories/34836/ DESCRIPTION: Sun has acknowledged a vulnerability in Sun Solaris, which can be exploited by malicious, local users to cause a DoS (Denial of Service). The vulnerability is caused due to an unspecified error within the DTrace ioctl handlers, which can be exploited to cause a system panic. Successful exploitation requires that the SUNWdtrp package is installed. The vulnerability is reported in Solaris 10 for the SPARC and x86 platform and OpenSolaris based upon builds snv_01 through snv_113. SOLUTION: A final resolution for Solaris 10 is pending. As a workaround, the vendor recommends to restrict access to vulnerable devices (see vendor's advisory for additional information). OpenSolaris: Fixed in OpenSolaris based upon builds snv_114 or later. PROVIDED AND/OR DISCOVERED BY: The vendor credits Neil Kettle. ORIGINAL ADVISORY: http://sunsolve.sun.com/search/document.do?assetkey=1-66-257708-1 ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------