This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor: Disa
Product: Srr For Solaris
Version:
Type: Application
First view: 2009-12-04
Last view: 2009-12-04
Update:
Edition:
Language:
Software Edition:
Target Software:
Target Hardware:
Other:

COMMON PLATFORM ENUMERATION: Distribution per Version

CPE Name Affected CVE
cpe:2.3:a:disa:srr_for_solaris:*:*:*:*:*:*:*:* 1

Related : CVE

  Date Alert Description
9.3 2009-12-04 CVE-2009-4211

The U.S. Defense Information Systems Agency (DISA) Security Readiness Review (SRR) script for the Solaris x86 platform executes files in arbitrary directories as root for filenames equal to (1) java, (2) openssl, (3) php, (4) snort, (5) tshark, (6) vncserver, or (7) wireshark, which allows local users to gain privileges via a Trojan horse program.

CWE : Common Weakness Enumeration

% id Name
100% (1) CWE-264 Permissions, Privileges, and Access Controls

Open Source Vulnerability Database (OSVDB)

id Description
60798 DISA SRR Script for Solaris x86 Multiple Filename SUID Execution Local Privil...

Information Assurance Vulnerability Management (IAVM)

id Description
2009-A-0136 DISA UNIX Security Readiness Review (SRR) Scripts Local Privilege Escalation ...
Severity: Category II - VMSKEY: V0022162

Nessus® Vulnerability Scanner

id Description
2013-09-17 Name: The remote host is affected by a local privilege escalation vulnerability.
File: disa_unix_srr_2009-A-0136.nasl - Type: ACT_GATHER_INFO