Executive Summary
| Summary | |
|---|---|
| Title | Sun Alert 268188 Security Vulnerability in the VBoxNetAdpCtl Configuration Tool for Sun VirtualBox May Lead to Escalation of Privileges |
| Informations | |||
|---|---|---|---|
| Name | SUN-268188 | First vendor Publication | 2009-10-06 |
| Vendor | Sun | Last vendor Modification | 2010-01-20 |
| Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:L/AC:L/Au:N/C:C/I:C/A:C) | |||
|---|---|---|---|
| Cvss Base Score | 7.2 | Attack Range | Local |
| Cvss Impact Score | 10 | Attack Complexity | Low |
| Cvss Expoit Score | 3.9 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| Product: VirtualBox 3 A security vulnerability in the VBoxNetAdpCtl configuration tool forcertain Sun VirtualBox 3.0 packages may allow local unprivileged userswho are authorized to run VirtualBox to execute arbitrary commands withroot privileges. Sun would like to acknowledge with thanks, Thomas Biege of SUSE Linux for bringing this issue to our attention. This issue is also referenced in the following document: State: Resolved First released: 06-Oct-2009 |
Original Source
| Url : http://blogs.sun.com/security/entry/sun_alert_268188_security_vulnerability |
CPE : Common Platform Enumeration
| Type | Description | Count |
|---|---|---|
| Application | 4 |
ExploitDB Exploits
| id | Description |
|---|---|
| 2009-10-17 | Sun VirtualBox <= 3.0.6 privilege escalation |
OpenVAS Exploits
| Date | Description |
|---|---|
| 2010-01-20 | Name : Gentoo Security Advisory GLSA 201001-04 (virtualbox-bin virtualbox-ose virtua... File : nvt/glsa_201001_04.nasl |
| 2009-11-20 | Name : Sun VirtualBox 'VBoxNetAdpCtl' Privilege Escalation Vulnerability File : nvt/secpod_sun_virtualbox_priv_esc_vuln_lin.nasl |
| 2009-10-13 | Name : FreeBSD Ports: virtualbox File : nvt/freebsd_virtualbox.nasl |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 58652 | Sun VirtualBox VBoxNetAdpCtl Configuration Tool Unspecified Local Privilege E... VirtualBox contains a flaw related to the VBoxNetAdpCtl configuration tool that may allow an attacker to escalate privileges. No further details have been provided. |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2010-02-25 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201001-04.nasl - Type : ACT_GATHER_INFO |
| 2009-10-08 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_ebeed063b32811deb6a50030843d3802.nasl - Type : ACT_GATHER_INFO |
Alert History
| Date | Informations |
|---|---|
| 2014-02-17 11:57:56 |
|
