Executive Summary

Summary
Title Sun Alert 242006 A Security Vulnerability in the Solaris Name Service Cache Daemon (nscd(1M)) May Allow Unauthorized Access to Data and Escalation of Privileges
Informations
Name SUN-242006 First vendor Publication 2008-12-18
Vendor Sun Last vendor Modification 2009-01-05
Severity (Vendor) N/A Revision N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:L/AC:L/Au:N/C:P/I:P/A:P)
Cvss Base Score 4.6 Attack Range Local
Cvss Impact Score 6.4 Attack Complexity Low
Cvss Expoit Score 3.9 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Product: Solaris 10 Operating System OpenSolaris

A security vulnerability in the Solaris name service cache daemon (nscd(1M)) may, under certain conditions, allow local unprivileged users to gain access to unauthorized information and gain elevated privileges.

Sun acknowledges with thanks, Mike Gerdts for bringing this issue to our attention.

State: Resolved
First released: 18-Dec-2008
Sun Alert Link:http://sunsolve.sun.com/search/document.do?assetkey=1-66-242006-1

Original Source

Url : http://blogs.sun.com/security/entry/sun_alert_242006_a_security

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-264 Permissions, Privileges, and Access Controls

CPE : Common Platform Enumeration

TypeDescriptionCount
Os 110
Os 2

Open Source Vulnerability Database (OSVDB)

Id Description
50934 Solaris Name Service Cache Daemon (nscd(1M)) Unspecified Local Privilege Esca...

Alert History

If you want to see full details history, please login or register.
0
Date Informations
2013-02-06 19:08:18
  • Multiple Updates