A local or remote unprivileged user may be able to prevent the ypserv(1M) NIS server process from answering NIS name service requests. A Denial of Service (DoS) may occur as clients currently bound to the NIS server may experience hangs or slow performance. Users may no longer be able to log in on affected NIS clients.

This issue can occur in the following releases:

SPARC Platform

• Solaris 8 without patch 109328-06
• Solaris 9 without patch 113579-09
• Solaris 10 without patch 123186-01

x86 Platform

• Solaris 8 without patch 109329-06
• Solaris 9 without patch 114342-09
• Solaris 10 without patch 122078-02

Should the described issue occur, the NIS server will no longer respond to client NIS requests. The ypserv(1M) process may no longer be running on the NIS server.

In the following example, ypcat(1) is seen to hang and is thus aborted with Control-C. The ypwhich(1) command displays the NIS server which is found to be otherwise alive:

    $ ypcat hosts | head
    ^C
    $ ypwhich
    yp-server
    $ ping yp-server
    yp-server is alive

On the NIS server, the ypserv(1M) process can be verified with the following command:

    # pgrep ypserv || echo "ypserv not running"

To work around the described issue if the NIS server is unresponsive or not running, it can be stopped and restarted by running the following commands (as "root"):

    # /usr/lib/netsvc/yp/ypstop
    # /usr/lib/netsvc/yp/ypstart

This issue is addressed in the following releases:

SPARC Platform

• Solaris 8 with patch 109328-06 or later
• Solaris 9 with patch 113579-09 or later
• Solaris 10 with patch 123186-01 or later

x86 Platform

• Solaris 8 with patch 109329-06 or later
• Solaris 9 with patch 114342-09 or later
• Solaris 10 with patch 122078-02 or later

This solution has no attachment