10 - CVE-2008-1369

Executive Summary

Informations
Name	CVE-2008-1369	First vendor Publication	2008-03-18
Vendor	Cve	Last vendor Modification	2018-10-30

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA

Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score	10	Attack Range	Network
Cvss Impact Score	10	Attack Complexity	Low
Cvss Expoit Score	10	Authentication	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

A certain incorrect Sun Solaris 10 image on SPARC Enterprise T5120 and T5220 servers has /etc/default/login and /etc/ssh/sshd_config files that configure root logins in a manner unintended by the vendor, which allows remote attackers to gain privileges via unspecified vectors.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1369

CWE : Common Weakness Enumeration

%	Id	Name
100 %	CWE-264	Permissions, Privileges, and Access Controls

CPE : Common Platform Enumeration

Type	Description	Count
Os	Sun Sunos cpe:2.3:o:sun:sunos:5.10:::::::*	1

Open Source Vulnerability Database (OSVDB)

Id	Description
43547	Solaris on SPARC Enterprise Multiple File Root Login Config Weakness Unspecif...

Information Assurance Vulnerability Management (IAVM)

Date	Description
2008-04-24	IAVM : 2008-A-0025 - Sun SPARC Enterprise T5120 and T5220 Default Configuration Root Command Execu... Severity : Category I - VMSKEY : V0015977

Nessus® Vulnerability Scanner

Date	Description
2013-08-21	Name : The remote Solaris host has a misconfigured SSH server. File : sun_sparc_ssh_bad_config.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

Source	Url
BID	http://www.securityfocus.com/bid/28469
SECTRACK	http://www.securitytracker.com/id?1019708
SECUNIA	http://secunia.com/advisories/29529
SUNALERT	http://sunsolve.sun.com/search/document.do?assetkey=1-66-231244-1
VUPEN	http://www.vupen.com/english/advisories/2008/0810/references
XF	https://exchange.xforce.ibmcloud.com/vulnerabilities/41332

Alert History

If you want to see full details history, please login or register.

Date	Informations
2020-05-23 00:21:27	Multiple Updates
2018-10-31 00:19:51	Multiple Updates
2017-08-08 09:23:57	Multiple Updates
2016-06-28 17:12:46	Multiple Updates
2016-04-26 17:14:08	Multiple Updates
2014-02-17 10:44:17	Multiple Updates
2013-11-11 12:37:51	Multiple Updates
2013-05-11 00:12:49	Multiple Updates

Type	Count
CWE ID(s)	1
CPE ID(s)	1
Sources(s)	6
osvdb(s)	1
IAVM(s)	1
Nessus® Exploit(s)	1

10 - CVE-2008-1369

Executive Summary

Security-Database Scoring CVSS v3

Security-Database Scoring CVSS v2

Detail

Original Source

CWE : Common Weakness Enumeration

CPE : Common Platform Enumeration

Open Source Vulnerability Database (OSVDB)

Information Assurance Vulnerability Management (IAVM)

Nessus® Vulnerability Scanner

Sources (Detail)

Alert History

Global Informations

Open Standards

Other Databases

COMPANY

STANDARDS

RECENT POSTS

MENU