ID CVE-2009-2430
Summary Unspecified vulnerability in auditconfig in Sun Solaris 8, 9, 10, and OpenSolaris snv_01 through snv_58, when Solaris Auditing is enabled, allows local users with an RBAC execution profile for auditconfig to gain privileges via unknown attack vectors.
References
Vulnerable Configurations
  • cpe:2.3:o:sun:opensolaris:snv_01:-:x86
    cpe:2.3:o:sun:opensolaris:snv_01:-:x86
  • cpe:2.3:o:sun:opensolaris:snv_02:-:x86
    cpe:2.3:o:sun:opensolaris:snv_02:-:x86
  • cpe:2.3:o:sun:opensolaris:snv_03:-:x86
    cpe:2.3:o:sun:opensolaris:snv_03:-:x86
  • cpe:2.3:o:sun:opensolaris:snv_04:-:x86
    cpe:2.3:o:sun:opensolaris:snv_04:-:x86
  • cpe:2.3:o:sun:opensolaris:snv_05:-:x86
    cpe:2.3:o:sun:opensolaris:snv_05:-:x86
  • cpe:2.3:o:sun:opensolaris:snv_06:-:x86
    cpe:2.3:o:sun:opensolaris:snv_06:-:x86
  • cpe:2.3:o:sun:opensolaris:snv_07:-:x86
    cpe:2.3:o:sun:opensolaris:snv_07:-:x86
  • cpe:2.3:o:sun:opensolaris:snv_08:-:x86
    cpe:2.3:o:sun:opensolaris:snv_08:-:x86
  • cpe:2.3:o:sun:opensolaris:snv_09:-:x86
    cpe:2.3:o:sun:opensolaris:snv_09:-:x86
  • cpe:2.3:o:sun:opensolaris:snv_10:-:x86
    cpe:2.3:o:sun:opensolaris:snv_10:-:x86
  • cpe:2.3:o:sun:opensolaris:snv_11:-:x86
    cpe:2.3:o:sun:opensolaris:snv_11:-:x86
  • cpe:2.3:o:sun:opensolaris:snv_12:-:x86
    cpe:2.3:o:sun:opensolaris:snv_12:-:x86
  • cpe:2.3:o:sun:opensolaris:snv_13:-:x86
    cpe:2.3:o:sun:opensolaris:snv_13:-:x86
  • cpe:2.3:o:sun:opensolaris:snv_14:-:x86
    cpe:2.3:o:sun:opensolaris:snv_14:-:x86
  • cpe:2.3:o:sun:opensolaris:snv_15:-:x86
    cpe:2.3:o:sun:opensolaris:snv_15:-:x86
  • cpe:2.3:o:sun:opensolaris:snv_16:-:x86
    cpe:2.3:o:sun:opensolaris:snv_16:-:x86
  • cpe:2.3:o:sun:opensolaris:snv_17:-:x86
    cpe:2.3:o:sun:opensolaris:snv_17:-:x86
  • cpe:2.3:o:sun:opensolaris:snv_18:-:x86
    cpe:2.3:o:sun:opensolaris:snv_18:-:x86
  • cpe:2.3:o:sun:opensolaris:snv_19:-:x86
    cpe:2.3:o:sun:opensolaris:snv_19:-:x86
  • cpe:2.3:o:sun:opensolaris:snv_20:-:x86
    cpe:2.3:o:sun:opensolaris:snv_20:-:x86
  • cpe:2.3:o:sun:opensolaris:snv_21:-:x86
    cpe:2.3:o:sun:opensolaris:snv_21:-:x86
  • cpe:2.3:o:sun:opensolaris:snv_22:-:x86
    cpe:2.3:o:sun:opensolaris:snv_22:-:x86
  • cpe:2.3:o:sun:opensolaris:snv_23:-:x86
    cpe:2.3:o:sun:opensolaris:snv_23:-:x86
  • cpe:2.3:o:sun:opensolaris:snv_24:-:x86
    cpe:2.3:o:sun:opensolaris:snv_24:-:x86
  • cpe:2.3:o:sun:opensolaris:snv_25:-:x86
    cpe:2.3:o:sun:opensolaris:snv_25:-:x86
  • cpe:2.3:o:sun:opensolaris:snv_26:-:x86
    cpe:2.3:o:sun:opensolaris:snv_26:-:x86
  • cpe:2.3:o:sun:opensolaris:snv_27:-:x86
    cpe:2.3:o:sun:opensolaris:snv_27:-:x86
  • cpe:2.3:o:sun:opensolaris:snv_28:-:x86
    cpe:2.3:o:sun:opensolaris:snv_28:-:x86
  • cpe:2.3:o:sun:opensolaris:snv_29:-:x86
    cpe:2.3:o:sun:opensolaris:snv_29:-:x86
  • cpe:2.3:o:sun:opensolaris:snv_30:-:x86
    cpe:2.3:o:sun:opensolaris:snv_30:-:x86
  • cpe:2.3:o:sun:opensolaris:snv_31:-:x86
    cpe:2.3:o:sun:opensolaris:snv_31:-:x86
  • cpe:2.3:o:sun:opensolaris:snv_32:-:x86
    cpe:2.3:o:sun:opensolaris:snv_32:-:x86
  • cpe:2.3:o:sun:opensolaris:snv_33:-:x86
    cpe:2.3:o:sun:opensolaris:snv_33:-:x86
  • cpe:2.3:o:sun:opensolaris:snv_34:-:x86
    cpe:2.3:o:sun:opensolaris:snv_34:-:x86
  • cpe:2.3:o:sun:opensolaris:snv_35:-:x86
    cpe:2.3:o:sun:opensolaris:snv_35:-:x86
  • cpe:2.3:o:sun:opensolaris:snv_36:-:x86
    cpe:2.3:o:sun:opensolaris:snv_36:-:x86
  • cpe:2.3:o:sun:opensolaris:snv_37:-:x86
    cpe:2.3:o:sun:opensolaris:snv_37:-:x86
  • cpe:2.3:o:sun:opensolaris:snv_38:-:x86
    cpe:2.3:o:sun:opensolaris:snv_38:-:x86
  • cpe:2.3:o:sun:opensolaris:snv_39:-:x86
    cpe:2.3:o:sun:opensolaris:snv_39:-:x86
  • cpe:2.3:o:sun:opensolaris:snv_40:-:x86
    cpe:2.3:o:sun:opensolaris:snv_40:-:x86
  • cpe:2.3:o:sun:opensolaris:snv_41:-:x86
    cpe:2.3:o:sun:opensolaris:snv_41:-:x86
  • cpe:2.3:o:sun:opensolaris:snv_42:-:x86
    cpe:2.3:o:sun:opensolaris:snv_42:-:x86
  • cpe:2.3:o:sun:opensolaris:snv_43:-:x86
    cpe:2.3:o:sun:opensolaris:snv_43:-:x86
  • cpe:2.3:o:sun:opensolaris:snv_44:-:x86
    cpe:2.3:o:sun:opensolaris:snv_44:-:x86
  • cpe:2.3:o:sun:opensolaris:snv_45:-:x86
    cpe:2.3:o:sun:opensolaris:snv_45:-:x86
  • cpe:2.3:o:sun:opensolaris:snv_46:-:x86
    cpe:2.3:o:sun:opensolaris:snv_46:-:x86
  • cpe:2.3:o:sun:opensolaris:snv_47:-:x86
    cpe:2.3:o:sun:opensolaris:snv_47:-:x86
  • cpe:2.3:o:sun:opensolaris:snv_48:-:x86
    cpe:2.3:o:sun:opensolaris:snv_48:-:x86
  • cpe:2.3:o:sun:opensolaris:snv_49:-:x86
    cpe:2.3:o:sun:opensolaris:snv_49:-:x86
  • cpe:2.3:o:sun:opensolaris:snv_50:-:x86
    cpe:2.3:o:sun:opensolaris:snv_50:-:x86
  • cpe:2.3:o:sun:opensolaris:snv_51:-:x86
    cpe:2.3:o:sun:opensolaris:snv_51:-:x86
  • cpe:2.3:o:sun:opensolaris:snv_52:-:x86
    cpe:2.3:o:sun:opensolaris:snv_52:-:x86
  • cpe:2.3:o:sun:opensolaris:snv_53:-:x86
    cpe:2.3:o:sun:opensolaris:snv_53:-:x86
  • cpe:2.3:o:sun:opensolaris:snv_54:-:x86
    cpe:2.3:o:sun:opensolaris:snv_54:-:x86
  • cpe:2.3:o:sun:opensolaris:snv_55:-:x86
    cpe:2.3:o:sun:opensolaris:snv_55:-:x86
  • cpe:2.3:o:sun:opensolaris:snv_56:-:x86
    cpe:2.3:o:sun:opensolaris:snv_56:-:x86
  • cpe:2.3:o:sun:opensolaris:snv_57:-:x86
    cpe:2.3:o:sun:opensolaris:snv_57:-:x86
  • cpe:2.3:o:sun:opensolaris:snv_58:-:x86
    cpe:2.3:o:sun:opensolaris:snv_58:-:x86
  • cpe:2.3:o:sun:solaris:8:-:x86
    cpe:2.3:o:sun:solaris:8:-:x86
  • cpe:2.3:o:sun:solaris:9:-:x86
    cpe:2.3:o:sun:solaris:9:-:x86
  • cpe:2.3:o:sun:solaris:10:-:x86
    cpe:2.3:o:sun:solaris:10:-:x86
  • cpe:2.3:o:sun:opensolaris:snv_01:-:sparc
    cpe:2.3:o:sun:opensolaris:snv_01:-:sparc
  • cpe:2.3:o:sun:opensolaris:snv_02:-:sparc
    cpe:2.3:o:sun:opensolaris:snv_02:-:sparc
  • cpe:2.3:o:sun:opensolaris:snv_03:-:sparc
    cpe:2.3:o:sun:opensolaris:snv_03:-:sparc
  • cpe:2.3:o:sun:opensolaris:snv_04:-:sparc
    cpe:2.3:o:sun:opensolaris:snv_04:-:sparc
  • cpe:2.3:o:sun:opensolaris:snv_05:-:sparc
    cpe:2.3:o:sun:opensolaris:snv_05:-:sparc
  • cpe:2.3:o:sun:opensolaris:snv_06:-:sparc
    cpe:2.3:o:sun:opensolaris:snv_06:-:sparc
  • cpe:2.3:o:sun:opensolaris:snv_07:-:sparc
    cpe:2.3:o:sun:opensolaris:snv_07:-:sparc
  • cpe:2.3:o:sun:opensolaris:snv_08:-:sparc
    cpe:2.3:o:sun:opensolaris:snv_08:-:sparc
  • cpe:2.3:o:sun:opensolaris:snv_09:-:sparc
    cpe:2.3:o:sun:opensolaris:snv_09:-:sparc
  • cpe:2.3:o:sun:opensolaris:snv_10:-:sparc
    cpe:2.3:o:sun:opensolaris:snv_10:-:sparc
  • cpe:2.3:o:sun:opensolaris:snv_11:-:sparc
    cpe:2.3:o:sun:opensolaris:snv_11:-:sparc
  • cpe:2.3:o:sun:opensolaris:snv_12:-:sparc
    cpe:2.3:o:sun:opensolaris:snv_12:-:sparc
  • cpe:2.3:o:sun:opensolaris:snv_13:-:sparc
    cpe:2.3:o:sun:opensolaris:snv_13:-:sparc
  • cpe:2.3:o:sun:opensolaris:snv_14:-:sparc
    cpe:2.3:o:sun:opensolaris:snv_14:-:sparc
  • cpe:2.3:o:sun:opensolaris:snv_15:-:sparc
    cpe:2.3:o:sun:opensolaris:snv_15:-:sparc
  • cpe:2.3:o:sun:opensolaris:snv_16:-:sparc
    cpe:2.3:o:sun:opensolaris:snv_16:-:sparc
  • cpe:2.3:o:sun:opensolaris:snv_17:-:sparc
    cpe:2.3:o:sun:opensolaris:snv_17:-:sparc
  • cpe:2.3:o:sun:opensolaris:snv_18:-:sparc
    cpe:2.3:o:sun:opensolaris:snv_18:-:sparc
  • cpe:2.3:o:sun:opensolaris:snv_19:-:sparc
    cpe:2.3:o:sun:opensolaris:snv_19:-:sparc
  • cpe:2.3:o:sun:opensolaris:snv_20:-:sparc
    cpe:2.3:o:sun:opensolaris:snv_20:-:sparc
  • cpe:2.3:o:sun:opensolaris:snv_21:-:sparc
    cpe:2.3:o:sun:opensolaris:snv_21:-:sparc
  • cpe:2.3:o:sun:opensolaris:snv_22:-:sparc
    cpe:2.3:o:sun:opensolaris:snv_22:-:sparc
  • cpe:2.3:o:sun:opensolaris:snv_23:-:sparc
    cpe:2.3:o:sun:opensolaris:snv_23:-:sparc
  • cpe:2.3:o:sun:opensolaris:snv_24:-:sparc
    cpe:2.3:o:sun:opensolaris:snv_24:-:sparc
  • cpe:2.3:o:sun:opensolaris:snv_25:-:sparc
    cpe:2.3:o:sun:opensolaris:snv_25:-:sparc
  • cpe:2.3:o:sun:opensolaris:snv_26:-:sparc
    cpe:2.3:o:sun:opensolaris:snv_26:-:sparc
  • cpe:2.3:o:sun:opensolaris:snv_27:-:sparc
    cpe:2.3:o:sun:opensolaris:snv_27:-:sparc
  • cpe:2.3:o:sun:opensolaris:snv_28:-:sparc
    cpe:2.3:o:sun:opensolaris:snv_28:-:sparc
  • cpe:2.3:o:sun:opensolaris:snv_29:-:sparc
    cpe:2.3:o:sun:opensolaris:snv_29:-:sparc
  • cpe:2.3:o:sun:opensolaris:snv_30:-:sparc
    cpe:2.3:o:sun:opensolaris:snv_30:-:sparc
  • cpe:2.3:o:sun:opensolaris:snv_31:-:sparc
    cpe:2.3:o:sun:opensolaris:snv_31:-:sparc
  • cpe:2.3:o:sun:opensolaris:snv_32:-:sparc
    cpe:2.3:o:sun:opensolaris:snv_32:-:sparc
  • cpe:2.3:o:sun:opensolaris:snv_33:-:sparc
    cpe:2.3:o:sun:opensolaris:snv_33:-:sparc
  • cpe:2.3:o:sun:opensolaris:snv_34:-:sparc
    cpe:2.3:o:sun:opensolaris:snv_34:-:sparc
  • cpe:2.3:o:sun:opensolaris:snv_35:-:sparc
    cpe:2.3:o:sun:opensolaris:snv_35:-:sparc
  • cpe:2.3:o:sun:opensolaris:snv_36:-:sparc
    cpe:2.3:o:sun:opensolaris:snv_36:-:sparc
  • cpe:2.3:o:sun:opensolaris:snv_37:-:sparc
    cpe:2.3:o:sun:opensolaris:snv_37:-:sparc
  • cpe:2.3:o:sun:opensolaris:snv_38:-:sparc
    cpe:2.3:o:sun:opensolaris:snv_38:-:sparc
  • cpe:2.3:o:sun:opensolaris:snv_39:-:sparc
    cpe:2.3:o:sun:opensolaris:snv_39:-:sparc
  • cpe:2.3:o:sun:opensolaris:snv_40:-:sparc
    cpe:2.3:o:sun:opensolaris:snv_40:-:sparc
  • cpe:2.3:o:sun:opensolaris:snv_41:-:sparc
    cpe:2.3:o:sun:opensolaris:snv_41:-:sparc
  • cpe:2.3:o:sun:opensolaris:snv_42:-:sparc
    cpe:2.3:o:sun:opensolaris:snv_42:-:sparc
  • cpe:2.3:o:sun:opensolaris:snv_43:-:sparc
    cpe:2.3:o:sun:opensolaris:snv_43:-:sparc
  • cpe:2.3:o:sun:opensolaris:snv_44:-:sparc
    cpe:2.3:o:sun:opensolaris:snv_44:-:sparc
  • cpe:2.3:o:sun:opensolaris:snv_45:-:sparc
    cpe:2.3:o:sun:opensolaris:snv_45:-:sparc
  • cpe:2.3:o:sun:opensolaris:snv_46:-:sparc
    cpe:2.3:o:sun:opensolaris:snv_46:-:sparc
  • cpe:2.3:o:sun:opensolaris:snv_47:-:sparc
    cpe:2.3:o:sun:opensolaris:snv_47:-:sparc
  • cpe:2.3:o:sun:opensolaris:snv_48:-:sparc
    cpe:2.3:o:sun:opensolaris:snv_48:-:sparc
  • cpe:2.3:o:sun:opensolaris:snv_49:-:sparc
    cpe:2.3:o:sun:opensolaris:snv_49:-:sparc
  • cpe:2.3:o:sun:opensolaris:snv_50:-:sparc
    cpe:2.3:o:sun:opensolaris:snv_50:-:sparc
  • cpe:2.3:o:sun:opensolaris:snv_51:-:sparc
    cpe:2.3:o:sun:opensolaris:snv_51:-:sparc
  • cpe:2.3:o:sun:opensolaris:snv_52:-:sparc
    cpe:2.3:o:sun:opensolaris:snv_52:-:sparc
  • cpe:2.3:o:sun:opensolaris:snv_53:-:sparc
    cpe:2.3:o:sun:opensolaris:snv_53:-:sparc
  • cpe:2.3:o:sun:opensolaris:snv_54:-:sparc
    cpe:2.3:o:sun:opensolaris:snv_54:-:sparc
  • cpe:2.3:o:sun:opensolaris:snv_55:-:sparc
    cpe:2.3:o:sun:opensolaris:snv_55:-:sparc
  • cpe:2.3:o:sun:opensolaris:snv_56:-:sparc
    cpe:2.3:o:sun:opensolaris:snv_56:-:sparc
  • cpe:2.3:o:sun:opensolaris:snv_57:-:sparc
    cpe:2.3:o:sun:opensolaris:snv_57:-:sparc
  • cpe:2.3:o:sun:opensolaris:snv_58:-:sparc
    cpe:2.3:o:sun:opensolaris:snv_58:-:sparc
  • cpe:2.3:o:sun:solaris:8:-:sparc
    cpe:2.3:o:sun:solaris:8:-:sparc
  • cpe:2.3:o:sun:solaris:9:-:sparc
    cpe:2.3:o:sun:solaris:9:-:sparc
  • cpe:2.3:o:sun:solaris:10:-:sparc
    cpe:2.3:o:sun:solaris:10:-:sparc
CVSS
Base: 4.6 (as of 13-07-2009 - 10:33)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
nessus via4
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS8_109007.NASL
    description SunOS 5.8: at/atrm/batch/cron/inetd patch. Date this patch was last updated by Sun : Mar/25/09
    last seen 2018-09-01
    modified 2014-08-30
    plugin id 13309
    published 2004-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=13309
    title Solaris 8 (sparc) : 109007-28
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS8_X86_109008.NASL
    description SunOS 5.8_x86: at/atrm/batch/cron/inetd pa. Date this patch was last updated by Sun : Mar/26/09
    last seen 2018-09-01
    modified 2014-08-30
    plugin id 13419
    published 2004-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=13419
    title Solaris 8 (x86) : 109008-28
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS9_122300.NASL
    description SunOS 5.9: Kernel Patch. Date this patch was last updated by Sun : Nov/03/11
    last seen 2018-09-01
    modified 2016-12-09
    plugin id 24858
    published 2007-03-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=24858
    title Solaris 9 (sparc) : 122300-61
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS9_X86_122301.NASL
    description SunOS 5.9_x86: Kernel Patch. Date this patch was last updated by Sun : Nov/03/11
    last seen 2018-09-02
    modified 2016-12-09
    plugin id 24861
    published 2007-03-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=24861
    title Solaris 9 (x86) : 122301-61
refmap via4
bid 35501
secunia 35580
sunalert 262088
Last major update 22-07-2009 - 15:11
Published 10-07-2009 - 13:30
Back to Top