Sun Microsystems' Solaris operating system has come a cropper for the second time in a week after the Computer Emergency Response Team (Cert) published another security advisory on Monday.
Coincidentally, the new found vulnerability affects exactly the same version of the operating system as the flaw found in the Solaris rwall daemon last week - 2.5.1, 2.6, 7, and 8 on both Sparc and Intel architectures.
This time, the default installation of the cachefsd daemon is at fault. Cachefsd caches requests for operations on remote file systems using the Network File System protocol.
If an attacker sends a maliciously crafted request to the cachefsd daemon, it becomes possible to remotely execute code with the privileges of the cachefsd process, typically root.
It should also be noted that, according to a Sun Alert Notification, failed attempts to exploit this vulnerability may leave a core dump file in the root directory.
But the presence of the core file does not preclude the success of subsequent attacks.
Cert warned that it has received credible reports of scanning and exploitation of Solaris systems running cachefsd.
It is recommended that users running vulnerable systems download a patch from the Sun website. More information can be found here.
Connexin drops out of Ofcom auction due to start next week
SwiftKey users now send two billion emoji every week
Recruitment plans are 'most ambitious ever', claims Openreach HR director Kevin Brady
Samsung's under-the-hood improvements separate the S9 from the pack when it comes to the display