Summary
Detail | |||
---|---|---|---|
Vendor | Oracle | First view | 2009-07-01 |
Product | Opensolaris | Last view | 2010-10-14 |
Version | Type | ||
Update | |||
Edition | |||
Language | |||
Sofware Edition | |||
Target Software | |||
Target Hardware | |||
Other |
Activity : Overall
COMMON PLATFORM ENUMERATION: Repartition per Version
Related : CVE
Date | Alert | Description | |
---|---|---|---|
4.6 | 2010-10-14 | CVE-2010-3580 | Unspecified vulnerability in Oracle OpenSolaris allows local users to affect availability via unknown vectors related to Kernel/File System. |
9 | 2010-10-14 | CVE-2010-3578 | Unspecified vulnerability in Oracle OpenSolaris allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Depot Server. |
6.4 | 2010-10-14 | CVE-2010-3577 | Unspecified vulnerability in Oracle OpenSolaris allows remote attackers to affect confidentiality and integrity, related to Kernel/CIFS. |
3.6 | 2010-10-14 | CVE-2010-3576 | Unspecified vulnerability in Oracle Solaris 8, 9, and 10, and OpenSolaris, allows local users to affect integrity and availability, related to the SCSI enclosure services device driver. |
1.9 | 2010-10-14 | CVE-2010-3542 | Unspecified vulnerability in Oracle Solaris 8, 9, and 10, and OpenSolaris, allows local users to affect confidentiality, related to USB. |
4 | 2010-10-14 | CVE-2010-3540 | Unspecified vulnerability in Oracle Solaris 10 and OpenSolaris allows local users to affect availability, related to ZFS. |
4.9 | 2010-10-13 | CVE-2010-3517 | Unspecified vulnerability in Oracle Solaris 10 and OpenSolaris allows local users to affect availability, related to Kernel/X86. |
4 | 2010-10-13 | CVE-2010-3516 | Unspecified vulnerability in Oracle Solaris 10 and OpenSolaris allows local users to affect availability via unknown vectors related to InfiniBand. |
4 | 2010-10-13 | CVE-2010-3515 | Unspecified vulnerability in the Solaris component in Oracle Solaris 9 and 10, and OpenSolaris, allows local users to affect availability via unknown vectors related to Kernel/Disk Driver. |
2.4 | 2010-10-13 | CVE-2010-3513 | Unspecified vulnerability in Oracle Solaris 9 and 10, and OpenSolaris, allows local users to affect integrity and availability via unknown vectors related to Device Drivers. |
2.6 | 2010-10-13 | CVE-2010-3511 | Unspecified vulnerability in Oracle OpenSolaris allows local users to affect integrity and availability via unknown vectors related to Tooltalk. |
6.3 | 2010-10-13 | CVE-2010-3503 | Unspecified vulnerability in Oracle Solaris 10 and OpenSolaris allows local users to affect confidentiality and integrity via unknown vectors related to su. |
4.6 | 2010-07-13 | CVE-2010-2400 | Unspecified vulnerability in Oracle Solaris 9 and 10, and OpenSolaris, allows local users to affect availability via unknown vectors related to Kernel/Filesystem. |
4.6 | 2010-07-13 | CVE-2010-2399 | Unspecified vulnerability in Oracle Solaris 10 and OpenSolaris allows local users to affect availability via unknown vectors related to Kernel/VM. |
3.8 | 2010-07-13 | CVE-2010-2393 | Unspecified vulnerability in Oracle Solaris 10 and OpenSolaris allows local users to affect availability, related to RPC. |
5.6 | 2010-07-13 | CVE-2010-2392 | Unspecified vulnerability in Oracle Solaris 10 and OpenSolaris allows local users to affect integrity and availability, related to ZFS. |
4.9 | 2010-07-13 | CVE-2010-2386 | Unspecified vulnerability in Oracle Solaris 8, 9, and 10, and OpenSolaris, allows local users to affect availability via unknown vectors related to GigaSwift Ethernet Driver. |
3.2 | 2010-07-13 | CVE-2010-2383 | Unspecified vulnerability in Oracle Solaris 8, 9, and 10, and OpenSolaris, allows local users to affect confidentiality and integrity, related to NFS. |
6.2 | 2010-07-13 | CVE-2010-0916 | Unspecified vulnerability in Oracle OpenSolaris 10 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to rdist. |
7.6 | 2010-07-13 | CVE-2010-0083 | Unspecified vulnerability in Oracle OpenSolaris 8, 9, and 10 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. |
3.6 | 2010-04-13 | CVE-2010-0895 | Unspecified vulnerability in the Solaris component in Oracle Sun Product Suite OpenSolaris snv_119 allows local users to affect integrity and availability via unknown vectors related to IP Filter. |
2.1 | 2010-04-13 | CVE-2010-0890 | Unspecified vulnerability in the Solaris component in Oracle Sun Product Suite 10 and OpenSolaris snv_01 through snv_98 allows local users to affect availability via unknown vectors related to the Kernel. |
4.9 | 2010-04-13 | CVE-2010-0889 | Unspecified vulnerability in the Solaris component in Oracle Sun Product Suite OpenSolaris snv_68 through snv_128 allows local users to affect confidentiality via unknown vectors related to the Kernel. |
7.2 | 2010-04-13 | CVE-2010-0882 | Unspecified vulnerability in the Solaris component in Oracle Sun Product Suite 10 and OpenSolaris snv_134 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Trusted Extensions. |
4.9 | 2009-10-01 | CVE-2009-3519 | Multiple memory leaks in the IP module in the kernel in Sun Solaris 8 through 10, and OpenSolaris before snv_109, allow local users to cause a denial of service (memory consumption) via vectors related to (1) M_DATA, (2) M_PROTO, (3) M_PCPROTO, and (4) M_SIG STREAMS messages. |
CWE : Common Weakness Enumeration
% | id | Name |
---|---|---|
50% (1) | CWE-772 | Missing Release of Resource after Effective Lifetime |
50% (1) | CWE-667 | Insufficient Locking |
CAPEC : Common Attack Pattern Enumeration & Classification
id | Name |
---|---|
CAPEC-1 | Accessing Functionality Not Properly Constrained by ACLs |
CAPEC-13 | Subverting Environment Variable Values |
CAPEC-17 | Accessing, Modifying or Executing Executable Files |
CAPEC-39 | Manipulating Opaque Client-based Data Tokens |
CAPEC-45 | Buffer Overflow via Symbolic Links |
CAPEC-51 | Poison Web Service Registry |
CAPEC-59 | Session Credential Falsification through Prediction |
CAPEC-60 | Reusing Session IDs (aka Session Replay) |
CAPEC-76 | Manipulating Input to File System Calls |
CAPEC-77 | Manipulating User-Controlled Variables |
CAPEC-87 | Forceful Browsing |
CAPEC-104 | Cross Zone Scripting |
Oval Markup Language : Definitions
OvalID | Name |
---|---|
oval:org.mitre.oval:def:6152 | Security Vulnerability in the Solaris Kernel Involving the Interaction of the... |
oval:org.mitre.oval:def:7023 | Solaris and OpenSolaris products Trusted Extensions component vulnerability |
oval:org.mitre.oval:def:7594 | Solaris and OpenSolaris products kernel component vulnerability |
Open Source Vulnerability Database (OSVDB)
id | Description |
---|---|
70517 | OpenSolaris Kernel / File System Unspecified Local DoS |
70515 | OpenSolaris Depot Server Unspecified Remote Issue |
70514 | OpenSolaris Kernel / CIFS Unspecified Remote Issue |
70513 | Solaris / OpenSolaris SCSI Enclosure Services Device Driver Unspecified Local... |
70511 | Solaris / OpenSolaris USB Unspecified Local Information Disclosure |
70510 | Solaris / OpenSolaris ZFS Unspecified Local DoS |
70508 | Solaris / OpenSolaris Kernel/X86 Unspecified Local DoS |
70507 | Solaris / OpenSolaris InfiniBand Unspecified Local DoS |
70506 | Solaris / OpenSolaris Kernel / Disk Driver Unspecified Local DoS |
70505 | Solaris / OpenSolaris Device Drivers Unspecified Local Issue |
70504 | OpenSolaris Tooltalk Unspecified Local Issue |
70500 | Solaris / OpenSolaris su Unspecified Local Issue |
66377 | Solaris / OpenSolaris Kernel / Filesystem Unspecified Local DoS (2010-2400) |
66376 | Solaris / OpenSolaris Kernel / VM Unspecified Local DoS (2010-2399) |
66372 | Solaris / OpenSolaris RPC Unspecified Local DoS (2010-2393) |
66371 | Solaris / OpenSolaris ZFS Unspecified Local Issue (2010-2392) |
66370 | Solaris / OpenSolaris GigaSwift Ethernet Driver Unspecified Local DoS (2010-2... |
66367 | Solaris / OpenSolaris NFS Unspecified Local Issue (2010-2383) |
66350 | OpenSolaris rdist Unspecified Local Issue (2010-0916) |
66327 | ToolTalk Database Server rpc.ttdbserverd RPC Remote Overflow |
64069 | Solaris Kernel Unspecified Local Information Disclosure |
64068 | Solaris IP Filter Unspecified Local Issue |
64067 | Solaris Kernel Unspecified Local DoS (2010-0890) |
63813 | Solaris Trusted Extensions Unspecified Local Privilege Escalation |
58449 | Solaris Kernel IP Module Unspecified Local DoS |
ExploitDB Exploits
id | Description |
---|---|
15245 | Oracle Solaris CVE-2010-3503 'su' Local Solaris Vulnerability |
Nessus® Vulnerability Scanner
id | Description |
---|---|
2007-03-18 | Name: The remote host is missing Sun Security Patch number 122300-61 File: solaris9_122300.nasl - Type: ACT_GATHER_INFO |