Oracle Opensolaris

This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor	Oracle	First view	2009-07-01
Product	Opensolaris	Last view	2010-10-14
Version		Type
Update
Edition
Language
Sofware Edition
Target Software
Target Hardware
Other

Activity : Overall

COMMON PLATFORM ENUMERATION: Repartition per Version

CPE Name	Affected CVE
cpe:2.3:o:oracle:opensolaris::::::::	21
cpe:2.3:o:oracle:opensolaris:snv_98:::::::*	4
cpe:2.3:o:oracle:opensolaris:snv_01:::::::*	4
cpe:2.3:o:oracle:opensolaris:10:::::::*	2
cpe:2.3:o:oracle:opensolaris:8:::::::*	1
cpe:2.3:o:oracle:opensolaris:9:::::::*	1
cpe:2.3:o:oracle:opensolaris:snv_134:::::::*	1
cpe:2.3:o:oracle:opensolaris:snv_119:::::::*	1
cpe:2.3:o:oracle:opensolaris:snv_128:::::::*	1

Related : CVE

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.

	Date	Alert	Description
4.6	2010-10-14	CVE-2010-3580	Unspecified vulnerability in Oracle OpenSolaris allows local users to affect availability via unknown vectors related to Kernel/File System.
9	2010-10-14	CVE-2010-3578	Unspecified vulnerability in Oracle OpenSolaris allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Depot Server.
6.4	2010-10-14	CVE-2010-3577	Unspecified vulnerability in Oracle OpenSolaris allows remote attackers to affect confidentiality and integrity, related to Kernel/CIFS.
3.6	2010-10-14	CVE-2010-3576	Unspecified vulnerability in Oracle Solaris 8, 9, and 10, and OpenSolaris, allows local users to affect integrity and availability, related to the SCSI enclosure services device driver.
1.9	2010-10-14	CVE-2010-3542	Unspecified vulnerability in Oracle Solaris 8, 9, and 10, and OpenSolaris, allows local users to affect confidentiality, related to USB.
4	2010-10-14	CVE-2010-3540	Unspecified vulnerability in Oracle Solaris 10 and OpenSolaris allows local users to affect availability, related to ZFS.
4.9	2010-10-13	CVE-2010-3517	Unspecified vulnerability in Oracle Solaris 10 and OpenSolaris allows local users to affect availability, related to Kernel/X86.
4	2010-10-13	CVE-2010-3516	Unspecified vulnerability in Oracle Solaris 10 and OpenSolaris allows local users to affect availability via unknown vectors related to InfiniBand.
4	2010-10-13	CVE-2010-3515	Unspecified vulnerability in the Solaris component in Oracle Solaris 9 and 10, and OpenSolaris, allows local users to affect availability via unknown vectors related to Kernel/Disk Driver.
2.4	2010-10-13	CVE-2010-3513	Unspecified vulnerability in Oracle Solaris 9 and 10, and OpenSolaris, allows local users to affect integrity and availability via unknown vectors related to Device Drivers.
2.6	2010-10-13	CVE-2010-3511	Unspecified vulnerability in Oracle OpenSolaris allows local users to affect integrity and availability via unknown vectors related to Tooltalk.
6.3	2010-10-13	CVE-2010-3503	Unspecified vulnerability in Oracle Solaris 10 and OpenSolaris allows local users to affect confidentiality and integrity via unknown vectors related to su.
4.6	2010-07-13	CVE-2010-2400	Unspecified vulnerability in Oracle Solaris 9 and 10, and OpenSolaris, allows local users to affect availability via unknown vectors related to Kernel/Filesystem.
4.6	2010-07-13	CVE-2010-2399	Unspecified vulnerability in Oracle Solaris 10 and OpenSolaris allows local users to affect availability via unknown vectors related to Kernel/VM.
3.8	2010-07-13	CVE-2010-2393	Unspecified vulnerability in Oracle Solaris 10 and OpenSolaris allows local users to affect availability, related to RPC.
5.6	2010-07-13	CVE-2010-2392	Unspecified vulnerability in Oracle Solaris 10 and OpenSolaris allows local users to affect integrity and availability, related to ZFS.
4.9	2010-07-13	CVE-2010-2386	Unspecified vulnerability in Oracle Solaris 8, 9, and 10, and OpenSolaris, allows local users to affect availability via unknown vectors related to GigaSwift Ethernet Driver.
3.2	2010-07-13	CVE-2010-2383	Unspecified vulnerability in Oracle Solaris 8, 9, and 10, and OpenSolaris, allows local users to affect confidentiality and integrity, related to NFS.
6.2	2010-07-13	CVE-2010-0916	Unspecified vulnerability in Oracle OpenSolaris 10 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to rdist.
7.6	2010-07-13	CVE-2010-0083	Unspecified vulnerability in Oracle OpenSolaris 8, 9, and 10 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
3.6	2010-04-13	CVE-2010-0895	Unspecified vulnerability in the Solaris component in Oracle Sun Product Suite OpenSolaris snv_119 allows local users to affect integrity and availability via unknown vectors related to IP Filter.
2.1	2010-04-13	CVE-2010-0890	Unspecified vulnerability in the Solaris component in Oracle Sun Product Suite 10 and OpenSolaris snv_01 through snv_98 allows local users to affect availability via unknown vectors related to the Kernel.
4.9	2010-04-13	CVE-2010-0889	Unspecified vulnerability in the Solaris component in Oracle Sun Product Suite OpenSolaris snv_68 through snv_128 allows local users to affect confidentiality via unknown vectors related to the Kernel.
7.2	2010-04-13	CVE-2010-0882	Unspecified vulnerability in the Solaris component in Oracle Sun Product Suite 10 and OpenSolaris snv_134 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Trusted Extensions.
4.9	2009-10-01	CVE-2009-3519	Multiple memory leaks in the IP module in the kernel in Sun Solaris 8 through 10, and OpenSolaris before snv_109, allow local users to cause a denial of service (memory consumption) via vectors related to (1) M_DATA, (2) M_PROTO, (3) M_PCPROTO, and (4) M_SIG STREAMS messages.

CWE : Common Weakness Enumeration

%	id	Name
50% (1)	CWE-772	Missing Release of Resource after Effective Lifetime
50% (1)	CWE-667	Insufficient Locking

CAPEC : Common Attack Pattern Enumeration & Classification

id	Name
CAPEC-1	Accessing Functionality Not Properly Constrained by ACLs
CAPEC-13	Subverting Environment Variable Values
CAPEC-17	Accessing, Modifying or Executing Executable Files
CAPEC-39	Manipulating Opaque Client-based Data Tokens
CAPEC-45	Buffer Overflow via Symbolic Links
CAPEC-51	Poison Web Service Registry
CAPEC-59	Session Credential Falsification through Prediction
CAPEC-60	Reusing Session IDs (aka Session Replay)
CAPEC-76	Manipulating Input to File System Calls
CAPEC-77	Manipulating User-Controlled Variables
CAPEC-87	Forceful Browsing
CAPEC-104	Cross Zone Scripting

Oval Markup Language : Definitions

OvalID	Name
oval:org.mitre.oval:def:6152	Security Vulnerability in the Solaris Kernel Involving the Interaction of the...
oval:org.mitre.oval:def:7023	Solaris and OpenSolaris products Trusted Extensions component vulnerability
oval:org.mitre.oval:def:7594	Solaris and OpenSolaris products kernel component vulnerability

Open Source Vulnerability Database (OSVDB)

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.

id	Description
70517	OpenSolaris Kernel / File System Unspecified Local DoS
70515	OpenSolaris Depot Server Unspecified Remote Issue
70514	OpenSolaris Kernel / CIFS Unspecified Remote Issue
70513	Solaris / OpenSolaris SCSI Enclosure Services Device Driver Unspecified Local...
70511	Solaris / OpenSolaris USB Unspecified Local Information Disclosure
70510	Solaris / OpenSolaris ZFS Unspecified Local DoS
70508	Solaris / OpenSolaris Kernel/X86 Unspecified Local DoS
70507	Solaris / OpenSolaris InfiniBand Unspecified Local DoS
70506	Solaris / OpenSolaris Kernel / Disk Driver Unspecified Local DoS
70505	Solaris / OpenSolaris Device Drivers Unspecified Local Issue
70504	OpenSolaris Tooltalk Unspecified Local Issue
70500	Solaris / OpenSolaris su Unspecified Local Issue
66377	Solaris / OpenSolaris Kernel / Filesystem Unspecified Local DoS (2010-2400)
66376	Solaris / OpenSolaris Kernel / VM Unspecified Local DoS (2010-2399)
66372	Solaris / OpenSolaris RPC Unspecified Local DoS (2010-2393)
66371	Solaris / OpenSolaris ZFS Unspecified Local Issue (2010-2392)
66370	Solaris / OpenSolaris GigaSwift Ethernet Driver Unspecified Local DoS (2010-2...
66367	Solaris / OpenSolaris NFS Unspecified Local Issue (2010-2383)
66350	OpenSolaris rdist Unspecified Local Issue (2010-0916)
66327	ToolTalk Database Server rpc.ttdbserverd RPC Remote Overflow
64069	Solaris Kernel Unspecified Local Information Disclosure
64068	Solaris IP Filter Unspecified Local Issue
64067	Solaris Kernel Unspecified Local DoS (2010-0890)
63813	Solaris Trusted Extensions Unspecified Local Privilege Escalation
58449	Solaris Kernel IP Module Unspecified Local DoS

ExploitDB Exploits

id	Description
15245	Oracle Solaris CVE-2010-3503 'su' Local Solaris Vulnerability

Nessus® Vulnerability Scanner

id	Description
2007-03-18	Name: The remote host is missing Sun Security Patch number 122300-61 File: solaris9_122300.nasl - Type: ACT_GATHER_INFO

vDNA Monitoring

	no vDNA Monitoring
Monitor this product now !

Global informations

Mapping	Total
CVE ID(s)	27
CWE ID(s)	2
CAPEC ID(s)	12
OVALid	3
osvdb(s)	27
ExploitDB Exploit(s)	1
Nessus® Exploit(s)	1

CPE Name	Affected CVE
cpe:2.3:o:oracle:opensolaris::::::::	21
cpe:2.3:o:oracle:opensolaris:snv_98:::::::*	4
cpe:2.3:o:oracle:opensolaris:snv_01:::::::*	4
cpe:2.3:o:oracle:opensolaris:10:::::::*	2
cpe:2.3:o:oracle:opensolaris:8:::::::*	1
cpe:2.3:o:oracle:opensolaris:9:::::::*	1
cpe:2.3:o:oracle:opensolaris:snv_134:::::::*	1
cpe:2.3:o:oracle:opensolaris:snv_119:::::::*	1
cpe:2.3:o:oracle:opensolaris:snv_128:::::::*	1

	%	Affected CVE
Critical (9-10)	3.7%	1
High (7-8.9)	7.41%	2
Medium (4-6.9)	59.26%	16
Low (0.1-3.9)	29.63%	8
Pending... (0)	0%	0

Oracle Opensolaris

Summary

Activity : Overall

COMMON PLATFORM ENUMERATION: Repartition per Version

Related : CVE

CWE : Common Weakness Enumeration

CAPEC : Common Attack Pattern Enumeration & Classification

Oval Markup Language : Definitions

Open Source Vulnerability Database (OSVDB)

ExploitDB Exploits

Nessus® Vulnerability Scanner

vDNA Monitoring

Global informations

Risk Rating (CVSS)

Open Standards

Other Databases

COMPANY

STANDARDS

RECENT POSTS

MENU