Sun Microsystems' Solaris operating system has come a cropper for the second time in a week after the Computer Emergency Response Team (Cert) published another security advisory on Monday.
Coincidentally, the new found vulnerability affects exactly the same version of the operating system as the flaw found in the Solaris rwall daemon last week - 2.5.1, 2.6, 7, and 8 on both Sparc and Intel architectures.
This time, the default installation of the cachefsd daemon is at fault. Cachefsd caches requests for operations on remote file systems using the Network File System protocol.
If an attacker sends a maliciously crafted request to the cachefsd daemon, it becomes possible to remotely execute code with the privileges of the cachefsd process, typically root.
It should also be noted that, according to a Sun Alert Notification, failed attempts to exploit this vulnerability may leave a core dump file in the root directory.
But the presence of the core file does not preclude the success of subsequent attacks.
Cert warned that it has received credible reports of scanning and exploitation of Solaris systems running cachefsd.
It is recommended that users running vulnerable systems download a patch from the Sun website. More information can be found here.
Latest Tesla news: Tesla stock price tanks amid reports of 'widening probe' by SEC and claims the base Model 3 loses money
SEC 'probe' takes its toll on Tesla as new research suggests that Tesla loses $6,000 on every $35,000 Model 3
10nm Cannon Lake Core i3-8121U CPUs make a rare outing with Intel's NUC mini PC
'Notorious' Australian child hacker thought he had executed 'flawless' hack
The former employee says that Tesla fired him for bringing the accusations to management internally