ID CVE-2008-1095
Summary Unspecified vulnerability in the Internet Protocol (IP) implementation in Sun Solaris 8, 9, and 10 allows remote attackers to bypass intended firewall policies or cause a denial of service (panic) via unknown vectors, possibly related to ICMP packets and IP fragment reassembly.
References
Vulnerable Configurations
  • cpe:2.3:o:sun:solaris:8:*:x86:*:*:*:*:*
    cpe:2.3:o:sun:solaris:8:*:x86:*:*:*:*:*
  • cpe:2.3:o:sun:solaris:9:*:x86:*:*:*:*:*
    cpe:2.3:o:sun:solaris:9:*:x86:*:*:*:*:*
  • cpe:2.3:o:sun:solaris:10:*:x86:*:*:*:*:*
    cpe:2.3:o:sun:solaris:10:*:x86:*:*:*:*:*
  • cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:*
    cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:*
  • cpe:2.3:o:sun:sunos:5.9:*:*:*:*:*:*:*
    cpe:2.3:o:sun:sunos:5.9:*:*:*:*:*:*:*
  • cpe:2.3:o:sun:sunos:5.10:*:*:*:*:*:*:*
    cpe:2.3:o:sun:sunos:5.10:*:*:*:*:*:*:*
CVSS
Base: 6.8 (as of 30-10-2018 - 16:25)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW SINGLE
Impact
ConfidentialityIntegrityAvailability
NONE NONE COMPLETE
cvss-vector via4 AV:N/AC:L/Au:S/C:N/I:N/A:C
oval via4
accepted 2008-04-14T04:00:10.100-04:00
class vulnerability
contributors
name Pai Peng
organization Hewlett-Packard
definition_extensions
  • comment Solaris 8 (SPARC) is installed
    oval oval:org.mitre.oval:def:1539
  • comment Solaris 9 (SPARC) is installed
    oval oval:org.mitre.oval:def:1457
  • comment Solaris 10 (SPARC) is installed
    oval oval:org.mitre.oval:def:1440
  • comment Solaris 8 (x86) is installed
    oval oval:org.mitre.oval:def:2059
  • comment Solaris 9 (x86) is installed
    oval oval:org.mitre.oval:def:1683
  • comment Solaris 10 (x86) is installed
    oval oval:org.mitre.oval:def:1926
description Unspecified vulnerability in the Internet Protocol (IP) implementation in Sun Solaris 8, 9, and 10 allows remote attackers to bypass intended firewall policies or cause a denial of service (panic) via unknown vectors, possibly related to ICMP packets and IP fragment reassembly.
family unix
id oval:org.mitre.oval:def:5511
status accepted
submitted 2008-03-04T08:44:56.000-05:00
title Security Vulnerability May Allow Firewall Compromise or Creation of Denial of Service (DoS) Condition
version 32
refmap via4
bid 27967
confirm http://support.avaya.com/elmodocs2/security/ASA-2008-119.htm
secunia
  • 29100
  • 29379
sunalert 200183
vupen ADV-2008-0645
xf solaris-ip-dos(40473)
Last major update 30-10-2018 - 16:25
Published 29-02-2008 - 11:44
Back to Top