VYPR
← All advisories
Unrated severityNVD Advisory· Published Sep 23, 1999· Updated Apr 16, 2026

CVE-1999-0908

CVE-1999-0908

Description

Solaris TCP streams driver vulnerable to denial of service via malicious connection causing recursive mutex_enter calls and system panic.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Solaris TCP streams driver vulnerable to denial of service via malicious connection causing recursive mutex_enter calls and system panic.

Vulnerability

A vulnerability exists in the Solaris TCP/IP stack, specifically within the TCP streams driver. This issue can be triggered by a malicious connection that results in recursive calls to mutex_enter, leading to a system panic. The vulnerability affects Solaris 7.0 [1].

Exploitation

An attacker can trigger this vulnerability by using the nmap network mapping utility with the OS fingerprinting option (-O) against an active listening port on a target Solaris system. If the server listening on that port is then terminated, the system will panic due to the recursive calls to mutex_enter within the TCP streams driver [1]. The command example provided is $nmap -O -p 80 targethost.com [1].

Impact

Successful exploitation of this vulnerability results in a denial of service (DoS) by causing the affected Solaris system to panic and become unavailable. The attacker gains the ability to crash the server, disrupting its services.

Mitigation

Information regarding a specific patch or fixed version for this vulnerability is not yet disclosed in the available references. Users are advised to consult official Solaris security advisories for updates. This vulnerability is listed as CVE-1999-0908.

References
  1. Solaris 7.0 - Recursive mutex_enter Remote Panic (Denial of Service)

AI Insight generated on Jun 4, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

6
  • Sun Corporation/Solaris3 versions
    cpe:2.3:o:sun:solaris:2.5.1:*:x86:*:*:*:*:*+ 2 more
    • cpe:2.3:o:sun:solaris:2.5.1:*:x86:*:*:*:*:*
    • cpe:2.3:o:sun:solaris:2.6:*:*:*:*:*:*:*
    • cpe:2.3:o:sun:solaris:7.0:*:x86:*:*:*:*:*
  • Sun Corporation/Sunos3 versions
    cpe:2.3:o:sun:sunos:-:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:o:sun:sunos:-:*:*:*:*:*:*:*
    • cpe:2.3:o:sun:sunos:5.5.1:*:*:*:*:*:*:*
    • cpe:2.3:o:sun:sunos:5.7:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

1

News mentions

0

No linked articles in our index yet.