Executive Summary

Summary
Title: Sun Alert 237987 Manipulated Tag Files used with Solaris Text Editors May Lead to Execution of Arbitrary Code
Information
Name: SUN-237987
First vendor Publication: 2008-09-17
Vendor: Sun
Last vendor Modification: 2008-09-17
Severity (Vendor): N/A
Revision: N/A

Security-Database Scoring CVSS v3

CVSS vector: N/A
Overall CVSS Score: NA
Base Score: NA
Environmental Score: NA
Impact SubScore: NA
Temporal Score: NA
Exploitability SubScore: NA
 

Security-Database Scoring CVSS v2

CVSS vector: (AV:L/AC:L/Au:N/C:C/I:C/A:C)
CVSS Base Score: 7.2
Attack Range: Local
CVSS Impact Score: 10
Attack Complexity: Low
CVSS Exploit Score: 3.9
Authentication: None Required

Detail

Product: Solaris 8 Operating System Solaris 9 Operating System Solaris 10 Operating System

A security vulnerability in the Solaris text editors (vi(1), ex(1), vedit(1), view(1), edit(1)), related to the handling of tags (see ctags(1)) may allow a local unprivileged user to execute arbitrary code with the privileges of another user.

Sun acknowledges with thanks, "Eli the Bearded" for bringing this issue to our attention.

State: Resolved
First released: 17-Sep-2008

Original Source

URL: http://blogs.sun.com/security/entry/sun_alert_237987_manipulated_tag

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-264 Permissions, Privileges, and Access Controls

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:5884
 
Oval ID: oval:org.mitre.oval:def:5884
Title: Manipulated Tag Files used with Solaris Text Editors May Lead to Execution of Arbitrary Code
Description: Multiple unspecified vulnerabilities in Sun Solaris 8 through 10 allow local users to gain privileges via vectors related to handling of tags with (1) the -t option and (2) the :tag command in the (a) vi, (b) ex, (c) vedit, (d) view, and (e) edit programs.
Family: unix Class: vulnerability
Reference(s): CVE-2008-4131
Version: 1
Platform(s): Sun Solaris 8
Sun Solaris 9
Sun Solaris 10
Product(s):
Definition Synopsis:

CPE : Common Platform Enumeration

Type Description Count
Os 6

OpenVAS Exploits

Date Description
2009-06-03 Name : Solaris Update for edit, ex, vedit, vi and view 110904-08
File : nvt/gb_solaris_110904_08.nasl
2009-06-03 Name : Solaris Update for edit, ex, vedit, vi and view 113031-04
File : nvt/gb_solaris_113031_04.nasl
2009-06-03 Name : Solaris Update for edit, ex, vedit, vi and view 116479-02
File : nvt/gb_solaris_116479_02.nasl
2009-06-03 Name : Solaris Update for vi and ex 120830-06
File : nvt/gb_solaris_120830_06.nasl
2009-06-03 Name : Solaris Update for vi and ex 120831-06
File : nvt/gb_solaris_120831_06.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
48197 Solaris Multiple Editors ctags Tag File Handling Local Privilege Escalation

Nessus® Vulnerability Scanner

Date Description
2008-09-17 Name : The remote host is missing Sun Security Patch number 113031-04
File : solaris9_113031.nasl - Type : ACT_GATHER_INFO
2008-09-17 Name : The remote host is missing Sun Security Patch number 116479-02
File : solaris9_x86_116479.nasl - Type : ACT_GATHER_INFO
2008-05-17 Name : The remote host is missing Sun Security Patch number 120830-06
File : solaris10_120830.nasl - Type : ACT_GATHER_INFO
2008-05-17 Name : The remote host is missing Sun Security Patch number 120831-06
File : solaris10_x86_120831.nasl - Type : ACT_GATHER_INFO
2004-07-12 Name : The remote host is missing Sun Security Patch number 110903-08
File : solaris8_110903.nasl - Type : ACT_GATHER_INFO
2004-07-12 Name : The remote host is missing Sun Security Patch number 110904-08
File : solaris8_x86_110904.nasl - Type : ACT_GATHER_INFO

Alert History

Date Information
2013-02-06 19:08:15
  • Multiple Updates