Executive Summary

This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Title Sun Alert 237965 A Security Vulnerability in IP Multicast Filter processing of Sockets may lead to a system panic or possible execution of Arbitrary Code
Name SUN-237965 First vendor Publication 2008-06-12
Vendor Sun Last vendor Modification 2010-01-20
Severity (Vendor) N/A Revision N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:L/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score 7.2 Attack Range Local
Cvss Impact Score 10 Attack Complexity Low
Cvss Expoit Score 3.9 Authentication None Required
Calculate full CVSS 2.0 Vectors scores


Product: Solaris 10, OpenSolaris

A security vulnerability in the Solaris 10 IP (see ip(7P)) kernelmodule relating to setting a socket's multicast filter may allow alocal unprivileged user the ability to panic the system or executearbitrary commands with all privileges. The ability to panic a systemis a type of Denial of Service (DoS).

Sun acknowledges with thanks, Tobias Klein (http://www.trapkit.de/)for bringing this issue to our attention.

This issue is also referenced in the following document:

State: Resolved
First released: 12-Jun-2008

Original Source

Url : http://blogs.sun.com/security/entry/sun_alert_237965_a_security

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-189 Numeric Errors (CWE/SANS Top 25)

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:5731
Oval ID: oval:org.mitre.oval:def:5731
Title: A Security Vulnerability in IP Multicast Filter processing of Sockets may lead to a system panic or possible execution of Arbitrary Code
Description: Integer signedness error in the ip_set_srcfilter function in the IP Multicast Filter in uts/common/inet/ip/ip_multi.c in the kernel in Sun Solaris 10 and OpenSolaris before snv_92 allows local users to execute arbitrary code in other Solaris Zones via an SIOCSIPMSFILTER IOCTL request with a large value of the imsf->imsf_numsrc field, which triggers an out-of-bounds write of kernel memory. NOTE: this was reported as an integer overflow, but the root cause involves the bypass of a signed comparison.
Family: unix Class: vulnerability
Reference(s): CVE-2008-2710
Version: 1
Platform(s): Sun Solaris 10
Definition Synopsis:

CPE : Common Platform Enumeration

Os 1
Os 50
Os 38

Open Source Vulnerability Database (OSVDB)

Id Description
46193 Solaris Kernel SIOCSIPMSFILTER IOCTL Request IP Multicast Filter Local Privil...

Alert History

If you want to see full details history, please login or register.
Date Informations
2013-02-06 19:08:15
  • Multiple Updates