There is a DoS vulnerability in inetd for default Solaris 2.6 installations. Here's the needed patch: Patch-ID# 107774-01 In answer to the many "WTF are you running unpatched servers for??!?!!?" comments. I'm in a large manufacturing environment that requires every system to be EXACTLY the same in every Fab. When these systems were first built, their status was essentially locked by management and absolutely no changes are allowed without going through a lengthy white-paper process. Fortunately, these systems are not Internet-accessible, so in theory, the only people that should be able to bring these systems to their knees are me and my coworkers. :-) But I agree that these systems need to be patched and I'll begin the white-paper process to do so. Thanks to the following people for pointing out the necessary patch and bug info: Rick Kelly Ryan Krenzischek Thomas Anders Casper Dik Ed Mitchell David Meissner __________ Original post: __________ I got a bit of a surprise today when I was port scanning our servers to document them, and the network services froze up on me. I was running nmap-2.54beta22 and scanning Solaris 2.6 (5/98) Ultra-2 boxes. No patches have ever been installed on these boxes. Not all servers had their network services freeze... only about half of them. I got on the console afterwards, but I wasn't able to restart any of the inetd services... so I ended up rebooting in order to bring things back online (boo! hiss! boo!) Has anyone encountered anything like this before or have any ideas what happened? I'd like to avoid further issues like this in the future and I'd like to know why this happened. Thanks. I'll summarize. ~MattReceived on Wed May 30 17:47:59 2001
This archive was generated by hypermail 2.1.8 : Wed Mar 23 2016 - 16:24:55 EDT