Hosting Provided By

Re: iDefense Security Advisory 10.02.07: Sun Microsystems Solaris FIFO FS Information Disclosure Vulnerability

From: iDefense Labs <labs-no-reply(at)idefense.com>
Date: Thu Oct 04 2007 - 14:16:02 EDT

Zaraza,

Thank you for pointing out the misleading text. The vulnerability is a signedness error which leads to information disclosure. We have updated the advisory to read as follows.

===
negative value can cause large amounts of kernel memory contents to be disclosed.
===

VeriSign iDefense Labs

> From: 3APA3A <3APA3A_at_SECURITY.NNOV.RU>
> Date: Thu, 4 Oct 2007 20:38:51 +0400
>
> Dear iDefense Labs,
>
> Can you please clarify this issue? According to subject it looks like
> information leak (information disclosure) issue, while according to
> description, it looks more like memory leak (Denial of Service) issue.
Received on Thu Oct 4 14:33:01 2007

This message: [ Message body ]
Next message: Gavin Hanover: "Re: Re[2]: 0day: mIRC pwns Windows"
Previous message: Fred Elliot: "Re: 0day: mIRC pwns Windows"
Maybe in reply to: iDefense Labs: "iDefense Security Advisory 10.02.07: Sun Microsystems Solaris FIFO FS Information Disclosure Vulnerability"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Sun Oct 28 2007 - 06:19:19 EDT