Executive Summary
Summary | |
---|---|
Title | Sun Alert 240866 Security Vulnerability in Solaris 10 NFS Remote Procedure Calls (RPCs) May Allow a Denial of Service (DoS) or Data Integrity Issues for Non-Global Zones |
Informations | |||
---|---|---|---|
Name | SUN-240866 | First vendor Publication | 2008-08-25 |
Vendor | Sun | Last vendor Modification | 2008-08-25 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:L/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 7.2 | Attack Range | Local |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 3.9 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Product: Solaris 10 Operating System OpenSolaris A security vulnerability in the NFS Remote Procedure Calls (RPC) zones implementation may allow a local user with administrative privileges in a non-global zone to intercept and corrupt NFS traffic destined for other non-global zones on the system.?? This may result in a Denial of Service (DoS) to the NFS services in the affected non-global zones. State: Resolved First released: 25-Aug-2008 |
Original Source
Url : http://blogs.sun.com/security/entry/sun_alert_240866_security_vulnerability |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-20 | Improper Input Validation |
CPE : Common Platform Enumeration
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
47826 | Solaris NFS RPC Zones Arbitrary Non-local Zone Local NFS Traffic Manipulation Solaris contains a flaw that may allow a local denial of service. The issue is triggered when an unspecified vulnerability in the NFS Remote Procedure Calls (RPC) zones implementation allows an attacker to intercept and corrupt NFS traffic occurs, and will result in loss of availability for the service. |
Alert History
Date | Informations |
---|---|
2013-02-06 19:08:18 |
|