Executive Summary
Summary | |
---|---|
Title | Sun Alert 261849 A Security Vulnerability in the Solaris iSCSI Management Commands (iscsiadm(1M) and iscsitadm(1M)) may Allow Privilege Escalation |
Informations | |||
---|---|---|---|
Name | SUN-261849 | First vendor Publication | 2009-09-21 |
Vendor | Sun | Last vendor Modification | 2009-09-21 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:L/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 7.2 | Attack Range | Local |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 3.9 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Product: Solaris 10 Operating System OpenSolaris A security vulnerability in the Solaris iSCSI management commands (iscsiadm(1M) and iscsitadm(1M)) may allow a local user who has been assigned an RBAC execution profile which specifies additional privileges for the iscsiadm(1M) or iscsitadm(1M) commands, such as the "File System Management" profile, to execute arbitrary commands with the privileges specified in the RBAC profile. State: Resolved First released: 21-Sep-2009 |
Original Source
Url : http://blogs.sun.com/security/entry/sun_alert_261849_a_security |
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2009-10-13 | Name : Solaris Update for Sun iSCSI Device Driver and Utilities 119090-33 File : nvt/gb_solaris_119090_33.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
58266 | Solaris iSCSI Management iscsiadm / iscsitadm Command Local Privilege Escalation |
Information Assurance Vulnerability Management (IAVM)
Date | Description |
---|---|
2009-10-01 | IAVM : 2009-A-0086 - Sun Solaris iSCSI Management Commands Local Privilege Escalation Vulnerability Severity : Category II - VMSKEY : V0021633 |