New Search

A Security Vulnerability in Solaris 10 involving the sendfilev() system call could result in Denial of Service (DoS) due to System Panic

oval:org.mitre.oval:def:5128

Unspecified vulnerability in Sun Solaris 10 and OpenSolaris before snv_96 allows (1) context-dependent attackers to cause a denial of service (panic) via vectors involving creation of a crafted file and use of the sendfilev system call as demonstrated by a file served by an Apache 2.2.x web server with EnableSendFile configured; and (2) local users to cause a denial of service (panic) via a call to the sendfile system call as reachable through the sendfilev library.

Family:
unix
Status:
ACCEPTED
Platform(s):
  • Sun Solaris 10
Class:
vulnerability
Reference(s):
  • CVE-2008-3666
Product(s):