Executive Summary
This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
| Summary | |
|---|---|
| Title | Sun Alert 103061 Security Vulnerability in Solaris Named Pipes (pipe(2)) May Allow Unauthorized Data Access |
| Informations | |||
|---|---|---|---|
| Name | SUN-103061 | First vendor Publication | 2007-10-02 |
| Vendor | Sun | Last vendor Modification | 2007-10-02 |
| Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:L/AC:L/Au:N/C:C/I:N/A:N) | |||
|---|---|---|---|
| Cvss Base Score | 4.9 | Attack Range | Local |
| Cvss Impact Score | 6.9 | Attack Complexity | Low |
| Cvss Expoit Score | 3.9 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| Product: Solaris 9 Operating System, Solaris 10 Operating System, Solaris 8 Operating System A security vulnerability in the Solaris Named Pipes (pipe(2)) may allow a local unprivileged user to gain access to unauthorized memory locations. This may allow a local unprivileged user to read potentially sensitive data in the kernel's memory layout or in the memory layouts of other processes running on the system. Additional information on Solaris Named Pipes (pipe(2)) is available at: Sun acknowledges, with thanks, an anonymous researcher working with the VeriSign iDefense VCP. Avoidance: Patch State: Resolved First released: 02-Oct-2007 |
Original Source
| Url : http://blogs.sun.com/security/entry/sun_alert_103061_security_vulnerability |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 100 % | CWE-189 | Numeric Errors (CWE/SANS Top 25) |
OVAL Definitions
| Definition Id: oval:org.mitre.oval:def:2170 | |||
| Oval ID: | oval:org.mitre.oval:def:2170 | ||
| Title: | Security Vulnerability in Solaris Named Pipes (pipe(2)) May Allow Unauthorized Data Access | ||
| Description: | Integer signedness error in FIFO filesystems (named pipes) on Sun Solaris 8 through 10 allows local users to read the contents of unspecified memory locations via a negative maximum length value to the I_PEEK ioctl. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2007-5225 | Version: | 1 |
| Platform(s): | Sun Solaris 8 Sun Solaris 9 Sun Solaris 10 | Product(s): | |
| Definition Synopsis: | |||
| |||
CPE : Common Platform Enumeration
| Type | Description | Count |
|---|---|---|
| Os | 3 |
ExploitDB Exploits
| id | Description |
|---|---|
| 2008-03-10 | Solaris 8/9/10 - fifofs I_PEEK Local Kernel Memory Leak Exploit |
OpenVAS Exploits
| Date | Description |
|---|---|
| 2009-06-03 | Name : Solaris Update for connld, fifofs, fifonode 117471-04 File : nvt/gb_solaris_117471_04.nasl |
| 2009-06-03 | Name : Solaris Update for connld, fifofs, fifonode 117472-04 File : nvt/gb_solaris_117472_04.nasl |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 37714 | Solaris FIFO (Named Pipes) I_PEEK ioctl Arbitrary Memory Disclosure |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2007-10-17 | Name : The remote host is missing Sun Security Patch number 109455-06 File : solaris8_x86_109455.nasl - Type : ACT_GATHER_INFO |
| 2007-10-17 | Name : The remote host is missing Sun Security Patch number 117472-04 File : solaris9_x86_117472.nasl - Type : ACT_GATHER_INFO |
| 2007-10-03 | Name : The remote host is missing Sun Security Patch number 109454-06 File : solaris8_109454.nasl - Type : ACT_GATHER_INFO |
| 2007-10-03 | Name : The remote host is missing Sun Security Patch number 117471-04 File : solaris9_117471.nasl - Type : ACT_GATHER_INFO |
