CVE-1999-0908

Solaris - Denial of Service via TCP Streams Driver Mutex Recursion

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-1999-0908. PoCs published by David Brumley.

AI-analyzed exploit summary This is a writeup describing a vulnerability in the Solaris TCP/IP stack where using nmap with OS fingerprinting against an active port and then killing the server can cause a system panic due to recursive mutex_enter calls in the TCP streams driver.

Description

Denial of service in Solaris TCP streams driver via a malicious connection that causes the server to panic as a result of recursive calls to mutex_enter.

Exploits (1)

exploitdb WRITEUP VERIFIED
by David Brumley · textdossolaris
https://www.exploit-db.com/exploits/19507

This is a writeup describing a vulnerability in the Solaris TCP/IP stack where using nmap with OS fingerprinting against an active port and then killing the server can cause a system panic due to recursive mutex_enter calls in the TCP streams driver.

Classification
Writeup 90%
Attack Type
Dos
Complexity
Trivial
Reliability
Theoretical
Target: Solaris TCP/IP stack (version not specified)
No auth needed
Prerequisites: nmap installed · target running Solaris with vulnerable TCP/IP stack · active listening port on target
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/655

Scores

EPSS 0.0222
EPSS Percentile 80.5%

Details

Status published
Products (6)
sun/solaris 2.5.1
sun/solaris 2.6
sun/solaris 7.0
sun/sunos
sun/sunos 5.5.1
sun/sunos 5.7
Published Sep 23, 1999
Tracked Since Feb 18, 2026