Summary
| Detail | |||
|---|---|---|---|
| Vendor | Sun | First view | 2008-06-16 |
| Product | Opensolaris | Last view | 2010-04-21 |
| Version | snv_111 | Type | Os |
| Update | * | ||
| Edition | x86 | ||
| Language | * | ||
| Sofware Edition | * | ||
| Target Software | * | ||
| Target Hardware | * | ||
| Other | * | ||
| CPE Product | cpe:2.3:o:sun:opensolaris | ||
Activity : Overall
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 4 | 2010-04-21 | CVE-2009-4774 | Unspecified vulnerability in Sun Solaris 10 and OpenSolaris snv_49 through snv_117, when 64bit mode is used on the Intel x86 platform and a Linux (lx) branded zone is configured, allows local users to cause a denial of service (panic) via unspecified vectors, a different vulnerability than CVE-2007-6225. |
| 7.5 | 2010-02-05 | CVE-2010-0559 | The default configuration of Oracle OpenSolaris snv_91 through snv_131 allows attackers to have an unspecified impact via vectors related to using kclient to join a Windows Active Directory domain. |
| 7.5 | 2010-02-05 | CVE-2010-0558 | The default configuration of Oracle OpenSolaris snv_77 through snv_131 allows attackers to have an unspecified impact via vectors related to using smbadm to join a Windows Active Directory domain. |
| 4.9 | 2010-02-03 | CVE-2010-0453 | The ucode_ioctl function in intel/io/ucode_drv.c in Sun Solaris 10 and OpenSolaris snv_69 through snv_133, when running on x86 architectures, allows local users to cause a denial of service (panic) via a request with a 0 size value to the UCODE_GET_VERSION IOCTL, which triggers a NULL pointer dereference in the ucode_get_rev function, related to retrieval of the microcode revision. |
| 4.6 | 2010-01-08 | CVE-2010-0271 | hald in Sun OpenSolaris snv_51 through snv_130 does not have the proc_audit privilege during unspecified attempts to write to the auditing log, which makes it easier for physically proximate attackers to avoid detection of changes to the set of connected hardware devices supporting the Hardware Abstraction Layer (HAL) specification. |
| 7.1 | 2009-12-08 | CVE-2009-4226 | Race condition in the IP module in the kernel in Sun OpenSolaris snv_106 through snv_124 allows remote attackers to cause a denial of service (NULL pointer dereference and panic) via unspecified vectors related to the (1) tcp_do_getsockname or (2) tcp_do_getpeername function. |
| 5 | 2009-11-25 | CVE-2009-4075 | Unspecified vulnerability in the timeout mechanism in sshd in Sun Solaris 10, and OpenSolaris snv_99 through snv_123, allows remote attackers to cause a denial of service (daemon outage) via unknown vectors that trigger a "dangling sshd authentication thread." |
| 6.8 | 2009-11-02 | CVE-2009-3839 | Unspecified vulnerability in the Solaris Trusted Extensions Policy configuration in Sun Solaris 10, and OpenSolaris snv_37 through snv_125, might allow remote attackers to execute arbitrary code by leveraging access to the X server. |
| 4.4 | 2009-10-16 | CVE-2009-3706 | Unspecified vulnerability in the ZFS filesystem in Sun Solaris 10, and OpenSolaris snv_100 through snv_117, allows local users to bypass intended limitations of the file_chown_self privilege via certain uses of the chown system call. |
| 1.9 | 2009-09-28 | CVE-2009-3432 | Unspecified vulnerability in xscreensaver in Sun Solaris 10, and OpenSolaris before snv_112, when Xorg or Xnewt is used and RandR is enabled, allows physically proximate attackers to read a locked screen via unknown vectors related to XRandR resize events. |
| 7.2 | 2009-09-14 | CVE-2009-3183 | Heap-based buffer overflow in w in Sun Solaris 8 through 10, and OpenSolaris before snv_124, allows local users to gain privileges via unspecified vectors. |
| 7.1 | 2009-09-10 | CVE-2009-3164 | Unspecified vulnerability in the IPv6 networking stack in Sun Solaris 10, and OpenSolaris snv_01 through snv_82 and snv_111 through snv_122, when a Cassini GigaSwift Ethernet Adapter (aka CE) interface is used, allows remote attackers to cause a denial of service (panic) via vectors involving jumbo frames. NOTE: this issue exists because of an incomplete fix for CVE-2009-2136. |
| 4.9 | 2009-09-08 | CVE-2009-3101 | xscreensaver (aka Gnome-XScreenSaver) in Sun Solaris 10, and OpenSolaris snv_109 through snv_122, does not properly handle Trusted Extensions, which allows local users to cause a denial of service (CPU consumption and console hang) by locking the screen, related to a regression in certain Solaris and OpenSolaris patches. |
| 4 | 2009-09-08 | CVE-2009-3100 | xscreensaver (aka Gnome-XScreenSaver) in Sun Solaris 9 and 10, OpenSolaris snv_109 through snv_122, and X11 6.4.1 on Solaris 8 does not properly handle Accessibility support, which allows local users to cause a denial of service (system hang) by locking the screen and then attempting to launch an Accessibility pop-up window, related to a regression in certain Solaris and OpenSolaris patches. |
| 7.1 | 2009-08-28 | CVE-2009-3000 | The sockfs module in the kernel in Sun Solaris 10 and OpenSolaris snv_41 through snv_122, when Network Cache Accelerator (NCA) logging is enabled, allows remote attackers to cause a denial of service (panic) via unspecified web-server traffic that triggers a NULL pointer dereference in the nl7c_http_log function, related to "improper http response handling." |
| 4.9 | 2009-08-07 | CVE-2009-2711 | XScreenSaver in Sun Solaris 9 and 10, OpenSolaris before snv_120, and X11 6.4.1 for Solaris 8, when the Xorg or Xnewt server is used, allows physically proximate attackers to obtain sensitive information by reading popup windows, which are displayed even when the screen is locked, a different vulnerability than CVE-2009-1276. |
| 6.8 | 2009-08-03 | CVE-2009-2652 | Unspecified vulnerability in Solaris Trusted Extensions in Sun Solaris 10, and OpenSolaris snv_37 through snv_120, allows remote attackers to cause a denial of service (panic) via vectors involving the parsing of labeled packets. |
| 4.9 | 2009-07-29 | CVE-2009-2644 | Race condition in the Solaris Auditing subsystem in Sun Solaris 9 and 10 and OpenSolaris before snv_121, when extended file attributes are used, allows local users to cause a denial of service (panic) via vectors related to "pathnames for invalid fds." |
| 4.7 | 2009-07-27 | CVE-2009-2596 | Unspecified vulnerability in the Solaris Auditing subsystem in Sun Solaris 9 and 10 and OpenSolaris before snv_121, when extended file attributes are used, allows local users to cause a denial of service (panic) via vectors related to fad_aupath structure members. |
| 4.9 | 2009-07-16 | CVE-2009-2488 | Unspecified vulnerability in the NFSv4 module in the kernel in Sun Solaris 10, and OpenSolaris snv_102 through snv_119, allows local users to cause a denial of service (client panic) via vectors involving "file operations." |
| 7.8 | 2009-07-16 | CVE-2009-2486 | Unspecified vulnerability in the SCTP implementation in Sun Solaris 10, and OpenSolaris before snv_120, allows remote attackers to cause a denial of service (panic) via unspecified packets. |
| 10 | 2009-07-02 | CVE-2009-2296 | The NFSv4 server kernel module in Sun Solaris 10, and OpenSolaris before snv_119, does not properly implement the nfs_portmon setting, which allows remote attackers to access shares, and read, create, and modify arbitrary files, via unspecified vectors. |
| 7.8 | 2009-06-19 | CVE-2009-2136 | Unspecified vulnerability in the TCP/IP networking stack in Sun Solaris 10, and OpenSolaris snv_01 through snv_82 and snv_111 through snv_117, when a Cassini GigaSwift Ethernet Adapter (aka CE) interface is used, allows remote attackers to cause a denial of service (panic) via vectors involving jumbo frames. |
| 4.7 | 2009-06-05 | CVE-2009-1933 | Kerberos in Sun Solaris 8, 9, and 10, and OpenSolaris before snv_117, does not properly manage credential caches, which allows local users to access Kerberized NFS mount points and Kerberized NFS shares via unspecified vectors. |
| 7.2 | 2008-09-02 | CVE-2008-3875 | The kernel in Sun Solaris 8 through 10 and OpenSolaris before snv_90 allows local users to bypass chroot, zones, and the Solaris Trusted Extensions multi-level security policy, and establish a covert communication channel, via unspecified vectors involving system calls. |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 14% (2) | CWE-399 | Resource Management Errors |
| 14% (2) | CWE-362 | Race Condition |
| 14% (2) | CWE-264 | Permissions, Privileges, and Access Controls |
| 14% (2) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
| 14% (2) | CWE-16 | Configuration |
| 7% (1) | CWE-255 | Credentials Management |
| 7% (1) | CWE-200 | Information Exposure |
| 7% (1) | CWE-134 | Uncontrolled Format String |
| 7% (1) | CWE-20 | Improper Input Validation |
Open Source Vulnerability Database (OSVDB)
| id | Description |
|---|---|
| 62221 | OpenSolaris Default Configuration smbadm Windows Active Directory Domain Join... |
| 62220 | OpenSolaris Default Configuration kclient Windows Active Directory Domain Joi... |
| 62046 | Solaris Microcode Device UCODE_GET_VERSION IOCTL NULL Dereference Local DoS |
| 61621 | OpenSolaris hald(1M) Unspecified Audit Record Writing Failure |
| 60874 | OpenSolaris Kernel IP Module Multiple Function Race Condition DoS |
| 60498 | Solaris sshd(1M) Timeout Mechanism Unspecified Remote DoS |
| 59354 | Solaris Trusted Extensions Policy Unspecified Remote Bypass |
| 59049 | ZFS Filesystem on Solaris file_chown_self Privilege Local Restriction Bypass |
| 58278 | Solaris xscreensaver RandR Extension Resized Locked Screen Information Disclo... |
| 58110 | Solaris w(1) Utility Local Overflow |
| 58005 | Solaris lx Branded Zones Unspecified Local DoS |
| 57895 | Solaris Gnome-XScreenSaver (xscreensaver) Multiple Method Local Screen Lock DoS |
| 57823 | Solaris IPv6 Networking Stack Cassini Gigabit-Ethernet Device Driver (ce(7D))... |
| 57457 | Solaris sockfs Kernel Module Unspecified HTTP Requests Remote DoS |
| 56854 | Solaris XScreenSaver (xscreensaver(1)) PopUp Window Information Disclosure |
| 56682 | Solaris Trusted Extensions Labeled Packet Handling Remote DoS |
| 56607 | Solaris Auditing Subsystem Extended File Attributes Race Condition Local DoS |
| 56325 | Solaris Auditing Extended File Attributes (fsattr(5)) Handling Local DoS |
| 55876 | Solaris NFSv4 Kernel Module Client System Panic Local DoS |
| 55875 | Solaris SCTP Packet Handling System Panic Remote DoS |
| 55519 | Solaris NFSv4 Server Kernel Module nfs_portmon Tunable Shared Resource Restri... |
| 55233 | Solaris TCP/IP Networking Stack Cassini Gigabit-Ethernet Device Driver (ce(7D... |
| 54979 | Kerberos on Solaris Local NFS Mount/Share Credential Cache Management Unspeci... |
| 47857 | Solaris Kernel Covert Channel Security Restriction Bypass |
| 47422 | Solaris snoop(1M) SMB Traffic Monitoring Multiple Unspecified Remote Format S... |
ExploitDB Exploits
| id | Description |
|---|---|
| 11351 | Solaris/Open Solaris UCODE_GET_VERSION IOCTL Denial of Service |
OpenVAS Exploits
| id | Description |
|---|---|
| 2009-10-13 | Name : Solaris Update for w and whodo 142285-01 File : nvt/gb_solaris_142285_01.nasl |
| 2009-10-13 | Name : Solaris Update for w and whodo 142286-01 File : nvt/gb_solaris_142286_01.nasl |
| 2009-09-23 | Name : Solaris Update for klmmod 141734-03 File : nvt/gb_solaris_141734_03.nasl |
| 2009-06-03 | Name : Solaris Update for usr/lib/utmp_update 113718-02 File : nvt/gb_solaris_113718_02.nasl |
| 2009-06-03 | Name : Solaris Update for utmp_update 113996-02 File : nvt/gb_solaris_113996_02.nasl |
| 2009-06-03 | Name : Solaris Update for snoop 114262-05 File : nvt/gb_solaris_114262_05.nasl |
Information Assurance Vulnerability Management (IAVM)
| id | Description |
|---|---|
| 2009-A-0113 | Sun Solaris Remote Privilege Escalation Vulnerability Severity: Category I - VMSKEY: V0021928 |
| 2009-T-0047 | Sun Solaris Kernel Denial of Service Vulnerability Severity: Category I - VMSKEY: V0019908 |
| 2009-T-0040 | Sun Solaris Network File System Unauthorized Network Access Vulnerability Severity: Category II - VMSKEY: V0019716 |
| 2008-T-0043 | Multiple Sun Solaris snoop Vulnerabilities Severity: Category II - VMSKEY: V0017141 |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2014-01-10 | IBM AIX and Oracle Solaris nfsd v4 nfs_portmon security bypass attempt RuleID : 20248 - Type : PROTOCOL-RPC - Revision : 4 |
Nessus® Vulnerability Scanner
| id | Description |
|---|---|
| 2010-02-02 | Name: The remote host is missing Sun Security Patch number 143913-01 File: solaris10_x86_143913.nasl - Type: ACT_GATHER_INFO |
| 2009-10-19 | Name: The remote host is missing Sun Security Patch number 126363-10 File: solaris10_126363.nasl - Type: ACT_GATHER_INFO |
| 2009-10-15 | Name: The remote host is missing Sun Security Patch number 141444-09 File: solaris10_141444.nasl - Type: ACT_GATHER_INFO |
| 2009-10-15 | Name: The remote host is missing Sun Security Patch number 141445-09 File: solaris10_x86_141445.nasl - Type: ACT_GATHER_INFO |
| 2008-08-17 | Name: The remote host is missing Sun Security Patch number 114262-05 File: solaris9_x86_114262.nasl - Type: ACT_GATHER_INFO |
| 2008-08-17 | Name: The remote host is missing Sun Security Patch number 108964-11 File: solaris8_108964.nasl - Type: ACT_GATHER_INFO |
| 2008-08-17 | Name: The remote host is missing Sun Security Patch number 108965-11 File: solaris8_x86_108965.nasl - Type: ACT_GATHER_INFO |
| 2008-08-17 | Name: The remote host is missing Sun Security Patch number 112915-06 File: solaris9_112915.nasl - Type: ACT_GATHER_INFO |
| 2007-03-18 | Name: The remote host is missing Sun Security Patch number 122301-61 File: solaris9_x86_122301.nasl - Type: ACT_GATHER_INFO |
| 2007-03-18 | Name: The remote host is missing Sun Security Patch number 122300-61 File: solaris9_122300.nasl - Type: ACT_GATHER_INFO |
| 2007-02-18 | Name: The remote host is missing Sun Security Patch number 120095-36 File: solaris10_x86_120095.nasl - Type: ACT_GATHER_INFO |
| 2007-02-18 | Name: The remote host is missing Sun Security Patch number 120094-36 File: solaris10_120094.nasl - Type: ACT_GATHER_INFO |
| 2006-11-06 | Name: The remote host is missing Sun Security Patch number 115158-14 File: solaris9_115158.nasl - Type: ACT_GATHER_INFO |
| 2006-11-06 | Name: The remote host is missing Sun Security Patch number 115159-14 File: solaris9_x86_115159.nasl - Type: ACT_GATHER_INFO |
| 2006-02-19 | Name: The remote host is missing Sun Security Patch number 117351-61 File: solaris8_x86_117351.nasl - Type: ACT_GATHER_INFO |
| 2006-02-19 | Name: The remote host is missing Sun Security Patch number 117350-62 File: solaris8_117350.nasl - Type: ACT_GATHER_INFO |
| 2004-07-12 | Name: The remote host is missing Sun Security Patch number 112908-38 File: solaris9_112908.nasl - Type: ACT_GATHER_INFO |
| 2004-07-12 | Name: The remote host is missing Sun Security Patch number 113718-05 File: solaris9_113718.nasl - Type: ACT_GATHER_INFO |
| 2004-07-12 | Name: The remote host is missing Sun Security Patch number 113996-06 File: solaris9_x86_113996.nasl - Type: ACT_GATHER_INFO |
| 2004-07-12 | Name: The remote host is missing Sun Security Patch number 115168-24 File: solaris9_x86_115168.nasl - Type: ACT_GATHER_INFO |
