ID CVE-2007-5225
Summary Integer signedness error in FIFO filesystems (named pipes) on Sun Solaris 8 through 10 allows local users to read the contents of unspecified memory locations via a negative maximum length value to the I_PEEK ioctl.
References
Vulnerable Configurations
  • Sun SunOS (Solaris 8) 5.8
    cpe:2.3:o:sun:sunos:5.8
  • Sun SunOS (Solaris 9) 5.9
    cpe:2.3:o:sun:sunos:5.9
  • Sun SunOS (Solaris 10) 5.10
    cpe:2.3:o:sun:sunos:5.10
CVSS
Base: 4.9 (as of 05-10-2007 - 15:11)
Impact:
Exploitability:
CWE CWE-189
CAPEC
Access
Vector  Complexity  Authentication
LOCAL   LOW         NONE
Impact
Confidentiality  Integrity  Availability
COMPLETE         NONE       NONE
exploit-db via4
  • description Solaris 8/9/10 fifofs I_PEEK Local Kernel memory Leak Exploit. CVE-2007-5225. Local exploit for solaris platform
    file exploits/solaris/local/5227.c
    id EDB-ID:5227
    last seen 2016-01-31
    modified 2008-03-10
    platform solaris
    port
    published 2008-03-10
    reporter Marco Ivaldi
    source https://www.exploit-db.com/download/5227/
    title Solaris 8/9/10 - fifofs I_PEEK Local Kernel Memory Leak Exploit
    type local
  • id EDB-ID:4516
nessus via4
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_X86_127738.NASL
    description SunOS 5.10_x86: fifofs patch. Date this patch was last updated by Sun : Oct/02/07
    last seen 2018-09-01
    modified 2018-08-13
    plugin id 27084
    published 2007-10-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=27084
    title Solaris 10 (x86) : 127738-01
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS9_X86_117472.NASL
    description SunOS 5.9_x86: connld, fifofs, fifonode patch. Date this patch was last updated by Sun : Oct/02/07
    last seen 2018-09-01
    modified 2014-08-30
    plugin id 27097
    published 2007-10-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=27097
    title Solaris 9 (x86) : 117472-04
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS9_117471.NASL
    description SunOS 5.9: connld, fifofs, fifonode patch. Date this patch was last updated by Sun : Oct/02/07
    last seen 2018-09-01
    modified 2014-08-30
    plugin id 26910
    published 2007-10-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=26910
    title Solaris 9 (sparc) : 117471-04
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS8_X86_109455.NASL
    description SunOS 5.8_x86: connld, fifofs, fifonode patch. Date this patch was last updated by Sun : Oct/02/07
    last seen 2018-09-02
    modified 2014-08-30
    plugin id 27088
    published 2007-10-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=27088
    title Solaris 8 (x86) : 109455-06
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS8_109454.NASL
    description SunOS 5.8: connld, fifofs, fifonode patch. Date this patch was last updated by Sun : Oct/02/07
    last seen 2018-09-02
    modified 2014-08-30
    plugin id 26909
    published 2007-10-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=26909
    title Solaris 8 (sparc) : 109454-06
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_127737.NASL
    description SunOS 5.10: fifofs patch. Date this patch was last updated by Sun : Oct/02/07
    last seen 2018-09-01
    modified 2018-08-13
    plugin id 26908
    published 2007-10-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=26908
    title Solaris 10 (sparc) : 127737-01
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_X86_127738-01.NASL
    description SunOS 5.10_x86: fifofs patch. Date this patch was last updated by Sun : Oct/02/07
    last seen 2018-11-13
    modified 2018-11-10
    plugin id 107963
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107963
    title Solaris 10 (x86) : 127738-01
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_127737-01.NASL
    description SunOS 5.10: fifofs patch. Date this patch was last updated by Sun : Oct/02/07
    last seen 2018-11-13
    modified 2018-11-10
    plugin id 107464
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107464
    title Solaris 10 (sparc) : 127737-01
oval via4
accepted 2007-11-13T12:01:06.734-05:00
class vulnerability
contributors
name Nicholas Hansen
organization Opsware, Inc.
definition_extensions
  • comment Solaris 8 (SPARC) is installed
    oval oval:org.mitre.oval:def:1539
  • comment Solaris 9 (SPARC) is installed
    oval oval:org.mitre.oval:def:1457
  • comment Solaris 10 (SPARC) is installed
    oval oval:org.mitre.oval:def:1440
  • comment Solaris 8 (x86) is installed
    oval oval:org.mitre.oval:def:2059
  • comment Solaris 9 (x86) is installed
    oval oval:org.mitre.oval:def:1683
  • comment Solaris 10 (x86) is installed
    oval oval:org.mitre.oval:def:1926
description Integer signedness error in FIFO filesystems (named pipes) on Sun Solaris 8 through 10 allows local users to read the contents of unspecified memory locations via a negative maximum length value to the I_PEEK ioctl.
family unix
id oval:org.mitre.oval:def:2170
status accepted
submitted 2007-10-10T07:52:08.000-04:00
title Security Vulnerability in Solaris Named Pipes (pipe(2)) May Allow Unauthorized Data Access
version 31
packetstorm via4
data source https://packetstormsecurity.com/files/download/64468/solaris-memleak.txt
id PACKETSTORM:64468
last seen 2016-12-05
published 2008-03-13
reporter Marco Ivaldi
source https://packetstormsecurity.com/files/64468/solaris-memleak.txt.html
title solaris-memleak.txt
refmap via4
bid 25905
bugtraq 20071004 Re: iDefense Security Advisory 10.02.07: Sun Microsystems Solaris FIFO FS Information Disclosure Vulnerability
confirm http://support.avaya.com/elmodocs2/security/ASA-2007-463.htm
idefense 20071002 Sun Microsystems Solaris FIFO FS Information Disclosure Vulnerability
sectrack 1018766
secunia
  • 27024
  • 27654
sunalert 103061
vupen ADV-2007-3339
xf solaris-namedpipes-information-disclosure(36918)
Last major update 11-10-2011 - 00:00
Published 04-10-2007 - 20:17
Last modified 30-10-2018 - 12:25