• Product Information
• Security Products Overview
• Juniper Networks ISG Series
• IDP Demo
• Product Poster & Z-Card 

Title: Sun Solaris Kerberos Incremental Propagation Remote Denial Of Service Vulnerability

Severity: MODERATE

Description:

Sun Solaris Kerberos is a network-authentication protocol.

The application is prone to a denial-of-service vulnerability.

An attacker may exploit this issue to prevent incremental propagation of messages from master to slave Key Distribution Center (KDC) servers, resulting in denial-of-service conditions.

The issue affects Solaris 10 and OpenSolaris based on builds snv_01 through snv_110.

Affected Products:

• Avaya CMS Server 15.0
• Nortel Networks Self-Service - CCSS7
• Nortel Networks Self-Service MPS 1000
• Nortel Networks Self-Service Peri Application
• Nortel Networks Self-Service Peri Workstation
• Sun OpenSolaris
• Sun OpenSolaris build snv_01
• Sun OpenSolaris build snv_02
• Sun OpenSolaris build snv_100
• Sun OpenSolaris build snv_102
• Sun OpenSolaris build snv_103
• Sun OpenSolaris build snv_104
• Sun OpenSolaris build snv_105
• Sun OpenSolaris build snv_106
• Sun OpenSolaris build snv_107
• Sun OpenSolaris build snv_108
• Sun OpenSolaris build snv_109
• Sun OpenSolaris build snv_110
• Sun OpenSolaris build snv_13
• Sun OpenSolaris build snv_19
• Sun OpenSolaris build snv_22
• Sun OpenSolaris build snv_36
• Sun OpenSolaris build snv_39
• Sun OpenSolaris build snv_50
• Sun OpenSolaris build snv_57
• Sun OpenSolaris build snv_59
• Sun OpenSolaris build snv_64
• Sun OpenSolaris build snv_67
• Sun OpenSolaris build snv_68
• Sun OpenSolaris build snv_80
• Sun OpenSolaris build snv_85
• Sun OpenSolaris build snv_87
• Sun OpenSolaris build snv_88
• Sun OpenSolaris build snv_89
• Sun OpenSolaris build snv_90
• Sun OpenSolaris build snv_91
• Sun OpenSolaris build snv_92
• Sun OpenSolaris build snv_95
• Sun OpenSolaris build snv_96
• Sun Solaris 10
• Sun Solaris 10_x86

References:

• Avaya: ASA-2009-102 A Security Vulnerability in Kerberos Incremental Propagation
• Nortel Networks: Nortel Response to Sun Alert 249926 - Solaris Kerberos Potential DoS Vulnerabili
• Sun: Solution 249926: A Security Vulnerability in Kerberos Incremental Propagation Ma
• Sun Microsystems: Sun Solaris Homepage

Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.