ID CVE-2008-0242
Summary Unspecified vulnerability in libdevinfo in Sun Solaris 10 allows local users to access files and gain privileges via unknown vectors, related to login device permissions.
References
Vulnerable Configurations
  • cpe:2.3:o:sun:solaris:10.0:*:sparc:*:*:*:*:*
    cpe:2.3:o:sun:solaris:10.0:*:sparc:*:*:*:*:*
  • cpe:2.3:o:sun:solaris:10.0:*:x86:*:*:*:*:*
    cpe:2.3:o:sun:solaris:10.0:*:x86:*:*:*:*:*
CVSS
Base: 7.2 (as of 29-09-2017 - 01:30)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:L/AC:L/Au:N/C:C/I:C/A:C
oval via4
accepted 2008-02-25T04:00:10.261-05:00
class vulnerability
contributors
name Yuzheng Zhou
organization Hewlett-Packard
definition_extensions
  • comment Solaris 10 (SPARC) is installed
    oval oval:org.mitre.oval:def:1440
  • comment Solaris 10 (x86) is installed
    oval oval:org.mitre.oval:def:1926
description Unspecified vulnerability in libdevinfo in Sun Solaris 10 allows local users to access files and gain privileges via unknown vectors, related to login device permissions.
family unix
id oval:org.mitre.oval:def:5211
status accepted
submitted 2008-01-15T11:52:30.000-05:00
title A Security Vulnerability in libdevinfo(3LIB) May Allow Unauthorized Access to Files on the System
version 32
refmap via4
bid 27253
sectrack 1019187
secunia 28493
sunalert
  • 103165
  • 200641
vupen ADV-2008-0131
xf solaris-libdevinfo-privilege-escalation(39629)
Last major update 29-09-2017 - 01:30
Published 12-01-2008 - 02:46
Back to Top