Executive Summary

Informations
Name CVE-2008-3666 First vendor Publication 2008-08-13
Vendor Cve Last vendor Modification 2018-10-30

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:N/I:N/A:C)
Cvss Base Score 7.1 Attack Range Network
Cvss Impact Score 6.9 Attack Complexity Medium
Cvss Expoit Score 8.6 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Unspecified vulnerability in Sun Solaris 10 and OpenSolaris before snv_96 allows (1) context-dependent attackers to cause a denial of service (panic) via vectors involving creation of a crafted file and use of the sendfilev system call, as demonstrated by a file served by an Apache 2.2.x web server with EnableSendFile configured; and (2) local users to cause a denial of service (panic) via a call to the sendfile system call, as reachable through the sendfilev library.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3666

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:5128
 
Oval ID: oval:org.mitre.oval:def:5128
Title: A Security Vulnerability in Solaris 10 involving the sendfilev() system call could result in Denial of Service (DoS) due to System Panic
Description: Unspecified vulnerability in Sun Solaris 10 and OpenSolaris before snv_96 allows (1) context-dependent attackers to cause a denial of service (panic) via vectors involving creation of a crafted file and use of the sendfilev system call, as demonstrated by a file served by an Apache 2.2.x web server with EnableSendFile configured; and (2) local users to cause a denial of service (panic) via a call to the sendfile system call, as reachable through the sendfilev library.
Family: unix Class: vulnerability
Reference(s): CVE-2008-3666
Version: 1
Platform(s): Sun Solaris 10
Product(s):
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Os 304
Os 2
Os 1

Open Source Vulnerability Database (OSVDB)

Id Description
47375 Solaris sendfilev() System Call System Panic Remote DoS

Sources (Detail)

Source Url
BID http://www.securityfocus.com/bid/30654
OSVDB http://osvdb.org/47375
OVAL https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.ova...
SECTRACK http://www.securitytracker.com/id?1020666
SECUNIA http://secunia.com/advisories/31426
SUNALERT http://sunsolve.sun.com/search/document.do?assetkey=1-26-239186-1
VUPEN http://www.vupen.com/english/advisories/2008/2337
XF https://exchange.xforce.ibmcloud.com/vulnerabilities/44396

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
7
8
9
10
Date Informations
2021-05-04 12:07:55
  • Multiple Updates
2021-04-22 01:08:17
  • Multiple Updates
2020-05-23 01:39:50
  • Multiple Updates
2020-05-23 00:22:07
  • Multiple Updates
2018-10-31 00:19:53
  • Multiple Updates
2017-09-29 09:23:41
  • Multiple Updates
2017-08-08 09:24:19
  • Multiple Updates
2016-06-28 17:17:03
  • Multiple Updates
2016-04-27 09:30:57
  • Multiple Updates
2016-04-26 17:44:33
  • Multiple Updates
2013-05-11 00:23:55
  • Multiple Updates