Summary
| Detail | |||
|---|---|---|---|
| Vendor | Sun | First view | 2008-06-16 |
| Product | Opensolaris | Last view | 2009-10-01 |
| Version | snv_90 | Type | Os |
| Update | sparc | ||
| Edition | * | ||
| Language | * | ||
| Sofware Edition | * | ||
| Target Software | * | ||
| Target Hardware | * | ||
| Other | * | ||
| CPE Product | cpe:2.3:o:sun:opensolaris | ||
Activity : Overall
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 4.9 | 2009-10-01 | CVE-2009-3519 | Multiple memory leaks in the IP module in the kernel in Sun Solaris 8 through 10, and OpenSolaris before snv_109, allow local users to cause a denial of service (memory consumption) via vectors related to (1) M_DATA, (2) M_PROTO, (3) M_PCPROTO, and (4) M_SIG STREAMS messages. |
| 1.9 | 2009-09-28 | CVE-2009-3432 | Unspecified vulnerability in xscreensaver in Sun Solaris 10, and OpenSolaris before snv_112, when Xorg or Xnewt is used and RandR is enabled, allows physically proximate attackers to read a locked screen via unknown vectors related to XRandR resize events. |
| 4.9 | 2009-08-21 | CVE-2009-2912 | The (1) sendfile and (2) sendfilev functions in Sun Solaris 8 through 10, and OpenSolaris before snv_110, allow local users to cause a denial of service (panic) via vectors related to vnode function calls. |
| 4.9 | 2009-08-19 | CVE-2009-2857 | The kernel in Sun Solaris 8, 9, and 10, and OpenSolaris before snv_103, does not properly handle interaction between the filesystem and virtual-memory implementations, which allows local users to cause a denial of service (deadlock and system halt) via vectors involving mmap and write operations on the same file. |
| 10 | 2009-07-02 | CVE-2009-2296 | The NFSv4 server kernel module in Sun Solaris 10, and OpenSolaris before snv_119, does not properly implement the nfs_portmon setting, which allows remote attackers to access shares, and read, create, and modify arbitrary files, via unspecified vectors. |
| 4.9 | 2009-06-19 | CVE-2009-2135 | Multiple race conditions in the Solaris Event Port API in Sun Solaris 10 and OpenSolaris before snv_107 allow local users to cause a denial of service (panic) via unspecified vectors related to a race between the port_dissociate and close functions. |
| 5 | 2009-06-11 | CVE-2009-2029 | Unspecified vulnerability in rpc.nisd in Sun Solaris 8 through 10, and OpenSolaris before snv_104, allows remote authenticated users to cause a denial of service (NIS+ daemon hang) via unspecified vectors related to NIS+ callbacks. |
| 1.9 | 2009-06-09 | CVE-2009-2012 | Unspecified vulnerability in idmap in Sun OpenSolaris snv_88 through snv_110, when a CIFS server is enabled, allows local users to cause a denial of service (idpmapd daemon crash and idmapd outage) via unknown vectors. |
| 4.7 | 2009-06-05 | CVE-2009-1933 | Kerberos in Sun Solaris 8, 9, and 10, and OpenSolaris before snv_117, does not properly manage credential caches, which allows local users to access Kerberized NFS mount points and Kerberized NFS shares via unspecified vectors. |
| 2.1 | 2009-04-09 | CVE-2009-1276 | XScreenSaver in Sun Solaris 10 and OpenSolaris before snv_109, and Solaris 8 and 9 with GNOME 2.0 or 2.0.2, allows physically proximate attackers to obtain sensitive information by reading popup windows, which are displayed even when the screen is locked, as demonstrated by Thunderbird new-mail notifications. |
| 4.7 | 2009-03-16 | CVE-2009-0913 | Unspecified vulnerability in the keysock kernel module in Solaris 10 and OpenSolaris builds snv_01 through snv_108 allows local users to cause a denial of service (system panic) via unknown vectors related to PF_KEY socket, probably related to setting socket options. |
| 6.9 | 2009-03-12 | CVE-2009-0875 | Race condition in the Doors subsystem in the kernel in Sun Solaris 8 through 10, and OpenSolaris before snv_94, allows local users to cause a denial of service (process hang), or possibly bypass file permissions or gain kernel-context privileges, via vectors involving the time at which control is transferred from a caller to a door server. |
| 4.9 | 2009-03-12 | CVE-2009-0874 | Multiple unspecified vulnerabilities in the Doors subsystem in the kernel in Sun Solaris 8 through 10, and OpenSolaris before snv_94, allow local users to cause a denial of service (process hang), or possibly bypass file permissions or gain kernel-context privileges, via vectors including ones related to (1) an argument handling deadlock in a door server and (2) watchpoint problems in the door_call function. |
| 6.8 | 2009-03-11 | CVE-2009-0872 | The NFS server in Sun Solaris 10, and OpenSolaris before snv_111, does not properly implement the AUTH_NONE (aka sec=none) security mode in combination with other security modes, which allows remote attackers to bypass intended access restrictions and read or modify files, as demonstrated by a combination of the AUTH_NONE and AUTH_SYS security modes. |
| 6.9 | 2009-01-28 | CVE-2009-0319 | Unspecified vulnerability in the autofs module in the kernel in Sun Solaris 8 through 10, and OpenSolaris before snv_108, allows local users to cause a denial of service (autofs mount outage) or possibly gain privileges via vectors related to "xdr processing problems." |
| 7.8 | 2009-01-27 | CVE-2009-0304 | The kernel in Sun Solaris 10 and 11 snv_101b, and OpenSolaris before snv_108, allows remote attackers to cause a denial of service (system crash) via a crafted IPv6 packet, related to an "insufficient validation security vulnerability," as demonstrated by SunOSipv6.c. |
| 4.9 | 2009-01-26 | CVE-2009-0268 | Race condition in the pseudo-terminal (aka pty) driver module in Sun Solaris 8 through 10, and OpenSolaris before snv_103, allows local users to cause a denial of service (panic) via unspecified vectors related to lack of "properly sequenced code" in ptc and ptsl. |
| 5 | 2009-01-26 | CVE-2009-0267 | libike in Sun Solaris 9 and 10, and OpenSolaris before snv_100, does not properly check packets, which allows remote attackers to cause a denial of service (in.iked daemon crash) via an unspecified IKE packet, a different vulnerability than CVE-2007-2989. |
| 4.9 | 2009-01-07 | CVE-2009-0069 | Unspecified vulnerability in the nfs4rename_persistent_fh function in the NFS 4 (aka NFSv4) client in the kernel in Sun Solaris 10 and OpenSolaris before snv_102 allows local users to cause a denial of service (recursive mutex_enter and panic) via unspecified vectors. |
| 5.8 | 2008-11-18 | CVE-2008-5133 | ipnat in IP Filter in Sun Solaris 10 and OpenSolaris before snv_96, when running on a DNS server with Network Address Translation (NAT) configured, improperly changes the source port of a packet when the destination port is the DNS port, which allows remote attackers to bypass an intended CVE-2008-1447 protection mechanism and spoof the responses to DNS queries sent by named. |
| 10 | 2008-11-10 | CVE-2008-5010 | in.dhcpd in the DHCP implementation in Sun Solaris 8 through 10, and OpenSolaris before snv_103, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via unknown DHCP requests related to the "number of offers," aka Bug ID 6713805. |
| 7.2 | 2008-09-02 | CVE-2008-3875 | The kernel in Sun Solaris 8 through 10 and OpenSolaris before snv_90 allows local users to bypass chroot, zones, and the Solaris Trusted Extensions multi-level security policy, and establish a covert communication channel, via unspecified vectors involving system calls. |
| 7.1 | 2008-08-13 | CVE-2008-3666 | Unspecified vulnerability in Sun Solaris 10 and OpenSolaris before snv_96 allows (1) context-dependent attackers to cause a denial of service (panic) via vectors involving creation of a crafted file and use of the sendfilev system call, as demonstrated by a file served by an Apache 2.2.x web server with EnableSendFile configured; and (2) local users to cause a denial of service (panic) via a call to the sendfile system call, as reachable through the sendfilev library. |
| 9.3 | 2008-08-08 | CVE-2008-0965 | Multiple format string vulnerabilities in snoop on Sun Solaris 8 through 10 and OpenSolaris before snv_96, when the -o option is omitted, allow remote attackers to execute arbitrary code via format string specifiers in an SMB packet. |
| 9.3 | 2008-08-08 | CVE-2008-0964 | Multiple stack-based buffer overflows in snoop on Sun Solaris 8 through 10 and OpenSolaris before snv_96, when the -o option is omitted, allow remote attackers to execute arbitrary code via a crafted SMB packet. |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 26% (4) | CWE-399 | Resource Management Errors |
| 20% (3) | CWE-362 | Race Condition |
| 20% (3) | CWE-264 | Permissions, Privileges, and Access Controls |
| 6% (1) | CWE-255 | Credentials Management |
| 6% (1) | CWE-200 | Information Exposure |
| 6% (1) | CWE-134 | Uncontrolled Format String |
| 6% (1) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
| 6% (1) | CWE-20 | Improper Input Validation |
Open Source Vulnerability Database (OSVDB)
| id | Description |
|---|---|
| 58449 | Solaris Kernel IP Module Unspecified Local DoS |
| 58278 | Solaris xscreensaver RandR Extension Resized Locked Screen Information Disclo... |
| 57169 | Solaris sendfile / sendfilev Extended Library Functions Unspecified DoS |
| 57151 | Solaris Kernel Filesystem / Virtual Memory Subsystem Interaction Unspecified ... |
| 55519 | Solaris NFSv4 Server Kernel Module nfs_portmon Tunable Shared Resource Restri... |
| 55232 | Solaris Event Port API Unspecified Race Condition Local DoS (6790056) |
| 55231 | Solaris Event Port API Unspecified Race Condition Local DoS (6736713) |
| 55049 | Solaris rpc.nisd(1M) NIS+ Server Unspecified DoS |
| 55030 | OpenSolaris idmap CIFS Server Unspecified Local DoS |
| 54979 | Kerberos on Solaris Local NFS Mount/Share Credential Cache Management Unspeci... |
| 53628 | Solaris XScreenSaver PopUp Window Information Disclosure |
| 52678 | Solaris keysock Kernel Module Unspecified Local DoS |
| 52563 | Solaris Kernel Doors Subsystem Unspecified Local Privilege Escalation |
| 52561 | Solaris Kernel Doors Subsystem Multiple Unspecified Local DoS |
| 52559 | Solaris NFS Server Security Modes (nfssec(5)) Combined AUTH_NONE / AUTH_SYS A... |
| 52554 | Solaris autofs Kernel Module Unspecified Local Privilege Escalation |
| 52541 | Solaris Pseudo-terminal (aka pty) Driver Module Unspecified Local DoS |
| 52540 | Solaris libike Library IKE Packet Handling Remote DoS |
| 52002 | Solaris IPv6 Destination Header (DH) Parsing Remote DoS |
| 51174 | Solaris NFSv4 Unspecified Local DoS |
| 49764 | Solaris IP Filter (ipfilter(5)) DNS Query ID Field Prediction Cache Poisoning |
| 47857 | Solaris Kernel Covert Channel Security Restriction Bypass |
| 47422 | Solaris snoop(1M) SMB Traffic Monitoring Multiple Unspecified Remote Format S... |
| 47421 | Solaris snoop(1M) SMB Traffic Monitoring Multiple Unspecified Remote Overflows |
| 47375 | Solaris sendfilev() System Call System Panic Remote DoS |
OpenVAS Exploits
| id | Description |
|---|---|
| 2009-10-13 | Name : Solaris Update for IKE 114435-15 File : nvt/gb_solaris_114435_15.nasl |
| 2009-10-13 | Name : Solaris Update for rpc.nisd 140917-02 File : nvt/gb_solaris_140917_02.nasl |
| 2009-10-13 | Name : Solaris Update for rpc.nisd 140918-02 File : nvt/gb_solaris_140918_02.nasl |
| 2009-09-23 | Name : Solaris Update for rpc.nisd 140918-01 File : nvt/gb_solaris_140918_01.nasl |
| 2009-06-03 | Name : Solaris Update for logindmux, ptsl, ms, bufmod, llc1, kb, zs, zsh, ptem 1136... File : nvt/gb_solaris_113685_07.nasl |
| 2009-06-03 | Name : Solaris Update for logindmux/llc1/ptsl/bufmod/ptem 113686-06 File : nvt/gb_solaris_113686_06.nasl |
| 2009-06-03 | Name : Solaris Update for snoop 114262-05 File : nvt/gb_solaris_114262_05.nasl |
| 2009-06-03 | Name : Solaris Update for autofs 116053-03 File : nvt/gb_solaris_116053_03.nasl |
| 2009-06-03 | Name : Solaris Update for Obsoleted by 139462-02 File : nvt/gb_solaris_139462_02.nasl |
| 2009-06-03 | Name : Solaris Update for Obsoleted by 139463-02 File : nvt/gb_solaris_139463_02.nasl |
| 2009-06-03 | Name : Solaris Update for ptsl 140426-01 File : nvt/gb_solaris_140426_01.nasl |
| 2009-06-03 | Name : Solaris Update for ptsl 140427-01 File : nvt/gb_solaris_140427_01.nasl |
Information Assurance Vulnerability Management (IAVM)
| id | Description |
|---|---|
| 2009-T-0040 | Sun Solaris Network File System Unauthorized Network Access Vulnerability Severity: Category II - VMSKEY: V0019716 |
| 2009-T-0008 | Sun Solaris IKE Packet Handling Security Vulnerability Severity: Category I - VMSKEY: V0018293 |
| 2008-T-0043 | Multiple Sun Solaris snoop Vulnerabilities Severity: Category II - VMSKEY: V0017141 |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2014-01-10 | IBM AIX and Oracle Solaris nfsd v4 nfs_portmon security bypass attempt RuleID : 20248 - Type : PROTOCOL-RPC - Revision : 4 |
Nessus® Vulnerability Scanner
| id | Description |
|---|---|
| 2009-02-02 | Name: The remote host is missing Sun Security Patch number 140427-01 File: solaris9_x86_140427.nasl - Type: ACT_GATHER_INFO |
| 2009-02-02 | Name: The remote host is missing Sun Security Patch number 140426-01 File: solaris9_140426.nasl - Type: ACT_GATHER_INFO |
| 2008-08-17 | Name: The remote host is missing Sun Security Patch number 108964-11 File: solaris8_108964.nasl - Type: ACT_GATHER_INFO |
| 2008-08-17 | Name: The remote host is missing Sun Security Patch number 108965-11 File: solaris8_x86_108965.nasl - Type: ACT_GATHER_INFO |
| 2008-08-17 | Name: The remote host is missing Sun Security Patch number 114262-05 File: solaris9_x86_114262.nasl - Type: ACT_GATHER_INFO |
| 2008-08-17 | Name: The remote host is missing Sun Security Patch number 112915-06 File: solaris9_112915.nasl - Type: ACT_GATHER_INFO |
| 2008-01-04 | Name: The remote host is missing Sun Security Patch number 128625-11 File: solaris8_x86_128625.nasl - Type: ACT_GATHER_INFO |
| 2008-01-02 | Name: The remote host is missing Sun Security Patch number 128624-11 File: solaris8_128624.nasl - Type: ACT_GATHER_INFO |
| 2007-11-10 | Name: The remote Ubuntu host is missing one or more security-related patches. File: ubuntu_USN-531-2.nasl - Type: ACT_GATHER_INFO |
| 2007-11-10 | Name: The remote Ubuntu host is missing one or more security-related patches. File: ubuntu_USN-531-1.nasl - Type: ACT_GATHER_INFO |
| 2007-10-19 | Name: The remote Debian host is missing a security-related update. File: debian_DSA-1388.nasl - Type: ACT_GATHER_INFO |
| 2007-03-18 | Name: The remote host is missing Sun Security Patch number 122301-61 File: solaris9_x86_122301.nasl - Type: ACT_GATHER_INFO |
| 2007-03-18 | Name: The remote host is missing Sun Security Patch number 122300-61 File: solaris9_122300.nasl - Type: ACT_GATHER_INFO |
| 2007-02-18 | Name: The remote host is missing Sun Security Patch number 120094-36 File: solaris10_120094.nasl - Type: ACT_GATHER_INFO |
| 2007-02-18 | Name: The remote host is missing Sun Security Patch number 120095-36 File: solaris10_x86_120095.nasl - Type: ACT_GATHER_INFO |
| 2006-11-06 | Name: The remote host is missing Sun Security Patch number 115158-14 File: solaris9_115158.nasl - Type: ACT_GATHER_INFO |
| 2006-11-06 | Name: The remote host is missing Sun Security Patch number 115159-14 File: solaris9_x86_115159.nasl - Type: ACT_GATHER_INFO |
| 2006-02-19 | Name: The remote host is missing Sun Security Patch number 117351-61 File: solaris8_x86_117351.nasl - Type: ACT_GATHER_INFO |
| 2006-02-19 | Name: The remote host is missing Sun Security Patch number 117350-62 File: solaris8_117350.nasl - Type: ACT_GATHER_INFO |
| 2004-07-12 | Name: The remote host is missing Sun Security Patch number 112908-38 File: solaris9_112908.nasl - Type: ACT_GATHER_INFO |
| 2004-07-12 | Name: The remote host is missing Sun Security Patch number 113686-06 File: solaris8_x86_113686.nasl - Type: ACT_GATHER_INFO |
| 2004-07-12 | Name: The remote host is missing Sun Security Patch number 115168-24 File: solaris9_x86_115168.nasl - Type: ACT_GATHER_INFO |
| 2004-07-12 | Name: The remote host is missing Sun Security Patch number 113685-07 File: solaris8_113685.nasl - Type: ACT_GATHER_INFO |
| 2004-07-12 | Name: The remote host is missing Sun Security Patch number 109077-21 File: solaris8_109077.nasl - Type: ACT_GATHER_INFO |
