4.9 - SUN-102926

Executive Summary

Summary
Title	Sun Alert 102926 Security Vulnerability in the Solaris libsldap Library May Allow a Denial of Service to nscd(1M)

Informations
Name	SUN-102926	First vendor Publication	2007-06-26
Vendor	Sun	Last vendor Modification	2007-06-26
Severity (Vendor)	N/A	Revision	N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA

Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:L/AC:L/Au:N/C:N/I:N/A:C)
Cvss Base Score	4.9	Attack Range	Local
Cvss Impact Score	6.9	Attack Complexity	Low
Cvss Expoit Score	3.9	Authentication	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Product: Solaris 9 Operating System, Solaris 10 Operating System, Solaris 8 Operating System

A security vulnerability in the Solaris libsldap library may allow a local unprivileged user to disable the Name Service Caching Daemon (see nscd(1M)) causing name service lookups to be slower (as caching will not occur), therefore causing a Denial of Service (DoS) condition.

Avoidance: Patch

State: Resolved

First released: 26-Jun-2007

Sun Alert Link:http://sunsolve.sun.com/search/document.do?assetkey=1-26-102926-1

Original Source

Url : http://blogs.sun.com/security/entry/sun_alert_102926_security_vulnerability

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:2143

Oval ID:	oval:org.mitre.oval:def:2143
Title:	Security Vulnerability in the Solaris libsldap Library May Allow a Denial of Service to nscd(1M)
Description:	The libsldap library in Sun Solaris 8, 9, and 10 allows local users to cause a denial of service (Name Service Caching Daemon (nscd) crash) via unspecified vectors.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2007-3458	Version:	1
Platform(s):	Sun Solaris 8 Sun Solaris 9 Sun Solaris 10	Product(s):
Definition Synopsis:
Solaris 8 (SPARC) meets Sun Alert 102926 Solaris 8 (SPARC) is installed AND NOT Patch 126373-02 or later installed OR Solaris 9 (SPARC) meets Sun Alert 102926 Solaris 9 (SPARC) is installed AND NOT Patch 112960-40 or later installed OR Solaris 10 (SPARC) meets Sun Alert 102926 Solaris 10 (SPARC) is installed AND NOT Patch 120036-07 or later installed OR Solaris 8 (x86) meets Sun Alert 102926 Solaris 8 (x86) is installed AND NOT Patch 126374-02 or later installed OR Solaris 9 (x86) meets Sun Alert 102926 Solaris 9 (x86) is installed AND NOT Patch 114242-27 or later installed OR Solaris 10 (x86) meets Sun Alert 102926 Solaris 10 (x86) is installed AND NOT Patch 120037-07 or later installed

CPE : Common Platform Enumeration

Type	Description	Count
Os	Sun Solaris cpe:2.3:o:sun:solaris:10.0::sparc::::: cpe:2.3:o:sun:solaris:10.0::x86::::: cpe:2.3:o:sun:solaris:9.0::x86::::: cpe:2.3:o:sun:solaris:9.0::sparc::::: cpe:2.3:o:sun:solaris:8.0::sparc::::: cpe:2.3:o:sun:solaris:8.0::x86:::::	6

Open Source Vulnerability Database (OSVDB)

Id	Description
36594	Solaris libsldap Unspecified Local nscd DoS

Alert History

If you want to see full details history, please login or register.

Date	Informations
2016-04-26 18:14:29	Multiple Updates

Global Informations

Type	Count
Oval ID(s)	1
CPE ID(s)	6
osvdb(s)	1

	Related
4.9	CVE-2007-3458
Info : listing not affected by your CVSS Env Score

Same Subject	Severity
Login to view 1 more Alert(s)

4.9 - SUN-102926

Executive Summary

Security-Database Scoring CVSS v3

Security-Database Scoring CVSS v2

Detail

Original Source

OVAL Definitions

CPE : Common Platform Enumeration

Open Source Vulnerability Database (OSVDB)

Alert History

Global Informations

Open Standards

Other Databases

COMPANY

STANDARDS

RECENT POSTS

MENU