April 2006
Sun Security Bulletin: Sun Alert ID: 102282 - Security Vulnerability May Allow 'sh' Process to be Crashed Causing a Denial of Service
ID: 00299
Ref: 297/2006
Date: 21 April 2006:11:28:47
Version: 1
Title: Sun Security Bulletin: Sun Alert ID: 102282 - Security Vulnerability May Allow 'sh' Process to be Crashed Causing a Denial of Service
Abstract: A security vulnerability in the Bourne shell may allow an unprivileged local user to cause sh(1) processes to crash while creating temporary files. This can lead to a Denial of Service (DoS) for scripts or for users (such as 'root') that use sh(1).
Vendors affected: Sun
Operating systems affected: Sun
Applications affected: Sun
===========================================================================
ESB-2006.0273 -- [Solaris]
Security Vulnerability May Allow 'sh' Process to be Crashed
Causing a Denial of Service
20 April 2006
===========================================================================
Product: Bourne shell (sh)
Publisher: Sun Microsystems
Operating System: Solaris 8, 9, 10
Impact: Denial of Service
Access: Existing Account
Original Bulletin:
http://sunsolve.sun.com/search/printfriendly.do?assetkey=1-26-102282-1
--------------------------BEGIN INCLUDED TEXT--------------------
Sun(sm) Alert Notification
* Sun Alert ID: 102282
* Synopsis: Security Vulnerability May Allow 'sh' Process to be Crashed Causing a Denial of Service
* Category: Security
* Product: Solaris 9 Operating System, Solaris 10 Operating System, Solaris 8 Operating System
* BugIDs: 6277636
* Avoidance: Patch
* State: Resolved
* Date Released: 11-Apr-2006
* Date Closed: 11-Apr-2006
* Date Modified:
1. Impact
A security vulnerability in the Bourne shell may allow an unprivileged
local user to cause sh(1) processes to crash while creating temporary
files. This can lead to a Denial of Service (DoS) for scripts or for
users (such as 'root') that use sh(1).
2. Contributing Factors
This issue can occur in the following releases:
SPARC Platform
* Solaris 8 without patch 109324-09
* Solaris 9 without patch 118535-03
* Solaris 10 without patch 121004-01
x86 Platform
* Solaris 8 without patch 109325-09
* Solaris 9 without patch 118536-03
* Solaris 10 without patch 121005-01
3. Symptoms
There are no predictable symptoms that would indicate this issue has
been exploited to cause a shell to crash.
4. Relief/Workaround
There is no workaround. Please see the "Resolution" section below.
5. Resolution
This issue is addressed in the following releases:
SPARC Platform
* Solaris 8 with patch 109324-09 or later
* Solaris 9 with patch 118535-03 or later
* Solaris 10 with patch 121004-01 or later
x86 Platform
* Solaris 8 with patch 109325-09 or later
* Solaris 9 with patch 118536-03 or later
* Solaris 10 with patch 121005-01 or later
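The patch levels in sections 2 and 5 can be checked mechanically. The following sh functions are an added example, not part of the Sun Alert: they read a patch listing in the `showrev -p` line layout on stdin and report whether the installed revision meets the minimum for the given release and architecture. The `uname -r` / `uname -p` values used as keys and the sample listing are assumptions made for the example.

```shell
#!/bin/sh
# Added example, not part of the Sun Alert. Patch IDs and minimum revisions
# are the ones listed in sections 2 and 5 of the alert.

# required_patch RELEASE ARCH: print the minimum fixed patch as BASE-REV.
# Assumes RELEASE is `uname -r` (5.8, 5.9, 5.10) and ARCH is `uname -p`.
required_patch() {
    case "$1/$2" in
        5.8/sparc)  echo 109324-09 ;;
        5.9/sparc)  echo 118535-03 ;;
        5.10/sparc) echo 121004-01 ;;
        5.8/i386)   echo 109325-09 ;;
        5.9/i386)   echo 118536-03 ;;
        5.10/i386)  echo 121005-01 ;;
        *) return 1 ;;
    esac
}

# sh_fix_status RELEASE ARCH: read a patch listing on stdin and print
# PATCHED, VULNERABLE, or UNKNOWN (release/arch not covered by the alert).
sh_fix_status() {
    need=$(required_patch "$1" "$2") || { echo UNKNOWN; return 0; }
    base=${need%-*}   # patch ID, e.g. 118535
    min=${need#*-}    # minimum revision, e.g. 03
    awk -v base="$base" -v min="$min" '
        BEGIN { best = -1 }
        # Keep the highest installed revision of the relevant patch ID.
        $1 == "Patch:" {
            split($2, p, "-")
            if (p[1] == base && p[2] + 0 > best) best = p[2] + 0
        }
        END {
            if (best >= min + 0) print "PATCHED"
            else print "VULNERABLE"
        }'
}

# Constructed sample in the `showrev -p` line layout (not real host output):
# a Solaris 9 SPARC host one revision short of the fix.
SAMPLE='Patch: 118535-02 Obsoletes:  Requires:  Incompatibles:  Packages: SUNWcsu
Patch: 999999-01 Obsoletes:  Requires:  Incompatibles:  Packages: SUNWcsr'

printf '%s\n' "$SAMPLE" | sh_fix_status 5.9 sparc   # prints VULNERABLE
# On a live host: showrev -p | sh_fix_status "$(uname -r)" "$(uname -p)"
```

Only the revision of the listed patch ID is compared; a host that received the fix through a different patch ID is reported as VULNERABLE and needs a manual check.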
This Sun Alert notification is being provided to you on an "AS IS"
basis. This Sun Alert notification may contain information provided by
third parties. The issues described in this Sun Alert notification may
or may not impact your system(s). Sun makes no representations,
warranties, or guarantees as to the information contained herein. ANY
AND ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING WITHOUT LIMITATION
WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR
NON-INFRINGEMENT, ARE HEREBY DISCLAIMED. BY ACCESSING THIS DOCUMENT
YOU ACKNOWLEDGE THAT SUN SHALL IN NO EVENT BE LIABLE FOR ANY DIRECT,
INDIRECT, INCIDENTAL, PUNITIVE, OR CONSEQUENTIAL DAMAGES THAT ARISE
OUT OF YOUR USE OR FAILURE TO USE THE INFORMATION CONTAINED HEREIN.
This Sun Alert notification contains Sun proprietary and confidential
information. It is being provided to you pursuant to the provisions of
your agreement to purchase services from Sun, or, if you do not have
such an agreement, the Sun.com Terms of Use. This Sun Alert
notification may only be used for the purposes contemplated by these
agreements.
Copyright 2000-2006 Sun Microsystems, Inc., 4150 Network Circle, Santa
Clara, CA 95054 U.S.A. All rights reserved