This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Sun First view 2008-06-16
Product Opensolaris Last view 2010-02-05
Version snv_128 Type Os
Update *  
Edition sparc  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:o:sun:opensolaris

Activity : Overall

Related : CVE

  Date Alert Description
7.5 2010-02-05 CVE-2010-0559

The default configuration of Oracle OpenSolaris snv_91 through snv_131 allows attackers to have an unspecified impact via vectors related to using kclient to join a Windows Active Directory domain.

4.6 2010-01-08 CVE-2010-0271

hald in Sun OpenSolaris snv_51 through snv_130 does not have the proc_audit privilege during unspecified attempts to write to the auditing log, which makes it easier for physically proximate attackers to avoid detection of changes to the set of connected hardware devices supporting the Hardware Abstraction Layer (HAL) specification.

7.2 2008-09-02 CVE-2008-3875

The kernel in Sun Solaris 8 through 10 and OpenSolaris before snv_90 allows local users to bypass chroot, zones, and the Solaris Trusted Extensions multi-level security policy, and establish a covert communication channel, via unspecified vectors involving system calls.

9.3 2008-08-08 CVE-2008-0965

Multiple format string vulnerabilities in snoop on Sun Solaris 8 through 10 and OpenSolaris before snv_96, when the -o option is omitted, allow remote attackers to execute arbitrary code via format string specifiers in an SMB packet.

9.3 2008-08-08 CVE-2008-0964

Multiple stack-based buffer overflows in snoop on Sun Solaris 8 through 10 and OpenSolaris before snv_96, when the -o option is omitted, allow remote attackers to execute arbitrary code via a crafted SMB packet.

4.9 2008-06-16 CVE-2008-2708

Unspecified vulnerability in the Sun (1) UltraSPARC T2 and (2) UltraSPARC T2+ kernel modules in Sun Solaris 10, and OpenSolaris before snv_93, allows local users to cause a denial of service (panic) via unspecified vectors, probably related to core files.

CWE : Common Weakness Enumeration

%idName
40% (2) CWE-264 Permissions, Privileges, and Access Controls
20% (1) CWE-134 Uncontrolled Format String
20% (1) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
20% (1) CWE-16 Configuration

Open Source Vulnerability Database (OSVDB)

id Description
62220 OpenSolaris Default Configuration kclient Windows Active Directory Domain Joi...
61621 OpenSolaris hald(1M) Unspecified Audit Record Writing Failure
47857 Solaris Kernel Covert Channel Security Restriction Bypass
47422 Solaris snoop(1M) SMB Traffic Monitoring Multiple Unspecified Remote Format S...
47421 Solaris snoop(1M) SMB Traffic Monitoring Multiple Unspecified Remote Overflows
46147 Solaris UltraSPARC Kernel Module Unspecified Local DoS

OpenVAS Exploits

id Description
2009-06-03 Name : Solaris Update for snoop 114262-05
File : nvt/gb_solaris_114262_05.nasl

Information Assurance Vulnerability Management (IAVM)

id Description
2008-T-0043 Multiple Sun Solaris snoop Vulnerabilities
Severity: Category II - VMSKEY: V0017141

Nessus® Vulnerability Scanner

id Description
2008-08-17 Name: The remote host is missing Sun Security Patch number 108964-11
File: solaris8_108964.nasl - Type: ACT_GATHER_INFO
2008-08-17 Name: The remote host is missing Sun Security Patch number 108965-11
File: solaris8_x86_108965.nasl - Type: ACT_GATHER_INFO
2008-08-17 Name: The remote host is missing Sun Security Patch number 112915-06
File: solaris9_112915.nasl - Type: ACT_GATHER_INFO
2008-08-17 Name: The remote host is missing Sun Security Patch number 114262-05
File: solaris9_x86_114262.nasl - Type: ACT_GATHER_INFO
2007-03-18 Name: The remote host is missing Sun Security Patch number 122300-61
File: solaris9_122300.nasl - Type: ACT_GATHER_INFO
2007-03-18 Name: The remote host is missing Sun Security Patch number 122301-61
File: solaris9_x86_122301.nasl - Type: ACT_GATHER_INFO
2006-02-19 Name: The remote host is missing Sun Security Patch number 117350-62
File: solaris8_117350.nasl - Type: ACT_GATHER_INFO
2006-02-19 Name: The remote host is missing Sun Security Patch number 117351-61
File: solaris8_x86_117351.nasl - Type: ACT_GATHER_INFO