Executive Summary

Summary
Title Sun Alert 243566 Security Vulnerability in the X Inter Client Exchange Library (libICE) Shipped With Solaris May Allow a Denial of Service (DoS)
Informations
Name SUN-243566 First vendor Publication 2008-12-12
Vendor Sun Last vendor Modification 2008-12-12
Severity (Vendor) N/A Revision N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:P)
Cvss Base Score 5 Attack Range Network
Cvss Impact Score 2.9 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Product: Solaris 8 Operating System Solaris 9 Operating System Solaris 10 Operating System OpenSolaris

A security vulnerability in the X Inter Client Exchange library (libICE) may allow a local or remote unprivileged user to crash an application that dynamically links to libICE.  The ability to crash an application is a type of Denial of Service (DoS).

State: Resolved
First released: 12-Dec-2008

Original Source

Url : http://blogs.sun.com/security/entry/sun_alert_243566_security_vulnerability

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-399 Resource Management Errors

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:6003
 
Oval ID: oval:org.mitre.oval:def:6003
Title: Security Vulnerability in the X Inter Client Exchange Library (libICE) Shipped With Solaris May Allow a Denial of Service (DoS)
Description: Unspecified vulnerability in the X Inter Client Exchange library (aka libICE) in Sun Solaris 8 through 10 and OpenSolaris before snv_85 allows context-dependent attackers to cause a denial of service (application crash), as demonstrated by a port scan that triggers a segmentation violation in the Gnome session manager (aka gnome-session).
Family: unix Class: vulnerability
Reference(s): CVE-2008-5684
Version: 1
Platform(s): Sun Solaris 8
Sun Solaris 9
Sun Solaris 10
Product(s):
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Os 256
Os 6

Open Source Vulnerability Database (OSVDB)

Id Description
52532 Solaris X Inter Client Exchange library (aka libICE) Port Scan DoS

Information Assurance Vulnerability Management (IAVM)

Date Description
2009-01-08 IAVM : 2009-T-0001 - Sun Solaris X Inter Client Exchange Library (libICE) Denial of Service Vulner...
Severity : Category I - VMSKEY : V0017981

Nessus® Vulnerability Scanner

Date Description
2015-04-02 Name : The remote host is missing Sun security patch number 119059-46.
File : solaris10_119059_46.nasl - Type : ACT_GATHER_INFO
2015-04-02 Name : The remote host is missing Sun security patch number 119060-45.
File : solaris10_x86_119060_45.nasl - Type : ACT_GATHER_INFO
2006-11-06 Name : The remote host is missing Sun Security Patch number 119059-73
File : solaris10_119059.nasl - Type : ACT_GATHER_INFO
2006-11-06 Name : The remote host is missing Sun Security Patch number 119060-72
File : solaris10_x86_119060.nasl - Type : ACT_GATHER_INFO
2006-11-06 Name : The remote host is missing Sun Security Patch number 119067-11
File : solaris8_119067.nasl - Type : ACT_GATHER_INFO
2006-11-06 Name : The remote host is missing Sun Security Patch number 119068-11
File : solaris8_x86_119068.nasl - Type : ACT_GATHER_INFO
2004-08-24 Name : The remote host is missing Sun Security Patch number 112785-65
File : solaris9_112785.nasl - Type : ACT_GATHER_INFO
2004-08-24 Name : The remote host is missing Sun Security Patch number 112786-54
File : solaris9_x86_112786.nasl - Type : ACT_GATHER_INFO
2002-03-19 Name : Previously open ports are now closed.
File : check_ports.nasl - Type : ACT_END

Alert History

If you want to see full details history, please login or register.
0
Date Informations
2013-02-06 19:08:19
  • Multiple Updates