Executive Summary
Summary | |
---|---|
Title | Sun Alert 242006 A Security Vulnerability in the Solaris Name Service Cache Daemon (nscd(1M)) May Allow Unauthorized Access to Data and Escalation of Privileges |
Informations | |||
---|---|---|---|
Name | SUN-242006 | First vendor Publication | 2008-12-18 |
Vendor | Sun | Last vendor Modification | 2009-01-05 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:L/AC:L/Au:N/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 4.6 | Attack Range | Local |
Cvss Impact Score | 6.4 | Attack Complexity | Low |
Cvss Expoit Score | 3.9 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Product: Solaris 10 Operating System OpenSolaris A security vulnerability in the Solaris name service cache daemon (nscd(1M)) may, under certain conditions, allow local unprivileged users to gain access to unauthorized information and gain elevated privileges. Sun acknowledges with thanks, Mike Gerdts for bringing this issue to our attention. State: Resolved First released: 18-Dec-2008 |
Original Source
Url : http://blogs.sun.com/security/entry/sun_alert_242006_a_security |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-264 | Permissions, Privileges, and Access Controls |
CPE : Common Platform Enumeration
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
50934 | Solaris Name Service Cache Daemon (nscd(1M)) Unspecified Local Privilege Esca... |
Alert History
Date | Informations |
---|---|
2013-02-06 19:08:18 |
|