ID CVE-2012-1683
Summary Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to gssd.
References
Vulnerable Configurations
  • Sun SunOS (Solaris 8) 5.8
    cpe:2.3:o:sun:sunos:5.8
  • Sun SunOS (Solaris 9) 5.9
    cpe:2.3:o:sun:sunos:5.9
  • Sun SunOS (Solaris 10) 5.10
    cpe:2.3:o:sun:sunos:5.10
  • Sun SunOS (Solaris 11) 5.11
    cpe:2.3:o:sun:sunos:5.11
CVSS
Base: 5.9 (as of 04-10-2016 - 13:00)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
LOCAL HIGH MULTIPLE_INSTANCES
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
nessus via4
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS9_X86_115168.NASL
    description SunOS 5.9_x86: krb5, gss patch. Date this patch was last updated by Sun : Sep/14/10
    last seen 2018-09-01
    modified 2016-12-09
    plugin id 13620
    published 2004-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=13620
    title Solaris 9 (x86) : 115168-24
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS9_112908.NASL
    description SunOS 5.9: krb5, gss patch. Date this patch was last updated by Sun : Sep/14/10
    last seen 2018-09-01
    modified 2016-12-09
    plugin id 13520
    published 2004-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=13520
    title Solaris 9 (sparc) : 112908-38
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_X86_147441.NASL
    description SunOS 5.10_x86: Solaris kernel patch. Date this patch was last updated by Sun : Nov/30/12
    last seen 2018-09-01
    modified 2018-07-30
    plugin id 56441
    published 2011-10-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=56441
    title Solaris 10 (x86) : 147441-27
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS_APR2012_SRU4.NASL
    description This Solaris system is missing necessary patches to address critical security updates : - Vulnerability in the Solaris component of Oracle Sun Products Suite (subcomponent: gssd(1M)). Supported versions that are affected are 8, 9, 10 and 11. Very difficult to exploit vulnerability requiring logon to Operating System plus additional, multiple logins to components. Successful attack of this vulnerability can escalate attacker privileges resulting in unauthorized Operating System takeover including arbitrary code execution. (CVE-2012-1683) - Vulnerability in the Solaris component of Oracle Sun Products Suite (subcomponent: Kernel/Privileges). The supported version that is affected is 11. Difficult to exploit vulnerability requiring logon to Operating System plus additional login/authentication to component or subcomponent. Successful attack of this vulnerability can escalate attacker privileges resulting in unauthorized Operating System takeover including arbitrary code execution. (CVE-2012-1691) - Vulnerability in the Solaris component of Oracle Sun Products Suite (subcomponent: Kernel/GLD(7D)). The supported version that is affected is 11. Very difficult to exploit vulnerability allows successful authenticated network attacks via TCP/IP. Successful attack of this vulnerability can result in unauthorized read access to a subset of Solaris accessible data. (CVE-2012-1698)
    last seen 2019-02-21
    modified 2018-11-14
    plugin id 76801
    published 2014-07-26
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=76801
    title Oracle Solaris Critical Patch Update : apr2012_SRU4
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_147440.NASL
    description SunOS 5.10: Solaris kernel patch. Date this patch was last updated by Sun : Apr/17/12
    last seen 2018-09-01
    modified 2018-07-30
    plugin id 56435
    published 2011-10-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=56435
    title Solaris 10 (sparc) : 147440-15
refmap via4
confirm http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html
mandriva MDVSA-2013:150
sectrack 1026940
secunia 48809
Last major update 05-10-2016 - 09:17
Published 03-05-2012 - 18:55
Last modified 06-12-2017 - 21:29
Back to Top