发布日期：2003-04-28
更新日期：2003-05-08

受影响系统：

Sun Solaris RPCbind
    - Sun Solaris 9.0 x86
    - Sun Solaris 9.0 SPARC
    - Sun Solaris 8.0 x86
    - Sun Solaris 8.0
    - Sun Solaris 7.0 x86
    - Sun Solaris 7.0
    - Sun Solaris 2.6 x86
    - Sun Solaris 2.6

描述：

---

BUGTRAQ  ID: 7455
CVE(CAN) ID: CVE-2003-1070

Solaris是一款由Sun Microsystems公司开发和维护的商业性质UNIX操作系统。

Solaris rpcbind存在未明漏洞，本地或远程攻击者可以利用这个漏洞对服务进行拒绝服务攻击。

目前没有详细漏洞细节提供。

<*链接：http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/50922&zone_32=category:security
*>

建议：

---

厂商补丁：

Sun
---
Sun已经为此发布了一个安全公告（Sun-Alert-50922）以及相应补丁:
Sun-Alert-50922：rpcbind(1M) May be Terminated by Unprivileged Client Applications, Leading to Denial of RPC Services
链接：http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/50922&zone_32=category:security

补丁下载：

Sun Solaris 2.6 _x86:

Sun Patch 105402-42
http://sunsolve.sun.com/pub-cgi/findPatch.pl?patchId=105402&rev=42
x86 Platform

Sun Solaris 2.6:

Sun Patch 105401-42
http://sunsolve.sun.com/pub-cgi/findPatch.pl?patchId=105401&rev=42
SPARC Platform

Sun Solaris 7.0 _x86:

Sun Patch 106943-25
http://sunsolve.sun.com/pub-cgi/findPatch.pl?patchId=106943&rev=25
x86 Platform

Sun Solaris 7.0:

Sun Patch 106942-25
http://sunsolve.sun.com/pub-cgi/findPatch.pl?patchId=106942&rev=25
SPARC Platform

Sun Solaris 8.0 _x86:

Sun Patch 108828-40
http://sunsolve.sun.com/pub-cgi/findPatch.pl?patchId=108828&rev=40
x86 Platform

Sun Patch 108994-18
http://sunsolve.sun.com/pub-cgi/findPatch.pl?patchId=108994&rev=18
x86 Platform

Sun Solaris 8.0:

Sun Patch 108827-40
http://sunsolve.sun.com/pub-cgi/findPatch.pl?patchId=108827&rev=40
SPARC Platform

Sun Patch 108993-18
http://sunsolve.sun.com/pub-cgi/findPatch.pl?patchId=108993&rev=18
SPARC Platform

Sun Solaris 9.0 _x86:

Sun Patch 113719-07
http://sunsolve.sun.com/pub-cgi/findPatch.pl?patchId=113719&rev=07
x86 Platform

Sun Solaris 9.0:

Sun Patch 113319-07
http://sunsolve.sun.com/pub-cgi/findPatch.pl?patchId=113319&rev=07
SPARC Platform

浏览次数：3070
严重程度：0（网友投票）