[Full-disclosure] iDefense Security Advisory 10.02.07: Sun Microsystems Solaris FIFO FS Information Disclosure Vulnerability
iDefense Labs
labs-no-reply at idefense.com
Thu Oct 4 19:16:02 BST 2007
Zaraza,
Thank you for pointing out the misleading text. The vulnerability is a
signedness error which leads to information disclosure. We have updated
the advisory to read as follows.
===
negative value can cause large amounts of kernel memory contents to be
disclosed.
===
VeriSign iDefense Labs
> From: 3APA3A <3APA3A_at_SECURITY.NNOV.RU>
> Date: Thu, 4 Oct 2007 20:38:51 +0400
>
> Dear iDefense Labs,
>
> Can you please clarify this issue? According to subject it looks like
> information leak (information disclosure) issue, while according to
> description, it looks more like memory leak (Denial of Service) issue.
Full-Disclosure is hosted and sponsored by Secunia.