ID CVE-2013-0405
Summary Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11 allows remote attackers to affect confidentiality and integrity via vectors related to NFS client mounts and IPv6.
References
Vulnerable Configurations
  • Sun SunOS (Solaris 8) 5.8
    cpe:2.3:o:sun:sunos:5.8
  • Sun SunOS (Solaris 9) 5.9
    cpe:2.3:o:sun:sunos:5.9
  • Sun SunOS (Solaris 10) 5.10
    cpe:2.3:o:sun:sunos:5.10
  • Sun SunOS (Solaris 11) 5.11
    cpe:2.3:o:sun:sunos:5.11
CVSS
Base: 6.4 (as of 09-11-2016 - 15:27)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL NONE
nessus via4
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS9_X86_123397.NASL
    description SunOS 5.9_x86: librpcsvc patch. Date this patch was last updated by Sun : Oct/10/07
    last seen 2018-09-01
    modified 2014-08-30
    plugin id 27098
    published 2007-10-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=27098
    title Solaris 9 (x86) : 123397-01
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_X86_148384.NASL
    description Vulnerability in the Solaris component of Oracle and Sun Systems Products Suite (subcomponent: Filesystem/NFS). Supported versions that are affected are 8, 9, 10 and 11. Easily exploitable vulnerability allows successful unauthenticated network attacks via IPv6. Successful attack of this vulnerability can result in unauthorized update, insert or delete access to some Solaris accessible data as well as read access to a subset of Solaris accessible data. Note: CVE-2013-0405 occurs only when the Solaris NFS client mounts the NFS server over IPv6. This plugin has been deprecated and either replaced with individual 148384 patch-revision plugins, or deemed non-security related.
    last seen 2019-01-16
    modified 2018-07-30
    plugin id 64524
    published 2013-02-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=64524
    title Solaris 10 (x86) : 148384-01 (deprecated)
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS8_X86_127549.NASL
    description SunOS 5.8_x86: librpcsvc patch. Date this patch was last updated by Sun : Oct/10/07
    last seen 2018-09-02
    modified 2014-08-30
    plugin id 27089
    published 2007-10-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=27089
    title Solaris 8 (x86) : 127549-01
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS_APR2013_SRU3.NASL
    description This Solaris system is missing necessary patches to address a critical security update : - Vulnerability in the Solaris component of Oracle and Sun Systems Products Suite (subcomponent: Filesystem/NFS). Supported versions that are affected are 8, 9, 10 and 11. Easily exploitable vulnerability allows successful unauthenticated network attacks via IPv6. Successful attack of this vulnerability can result in unauthorized update, insert or delete access to some Solaris accessible data as well as read access to a subset of Solaris accessible data. Note: CVE-2013-0405 occurs only when the Solaris NFS client mounts the NFS server over IPv6. (CVE-2013-0405)
    last seen 2019-01-16
    modified 2018-11-14
    plugin id 76803
    published 2014-07-26
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=76803
    title Oracle Solaris Critical Patch Update : apr2013_SRU3
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS9_123396.NASL
    description SunOS 5.9: librpcsvc patch. Date this patch was last updated by Sun : Oct/10/07
    last seen 2018-09-01
    modified 2014-08-30
    plugin id 27091
    published 2007-10-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=27091
    title Solaris 9 (sparc) : 123396-01
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_148383.NASL
    description Vulnerability in the Solaris component of Oracle and Sun Systems Products Suite (subcomponent: Filesystem/NFS). Supported versions that are affected are 8, 9, 10 and 11. Easily exploitable vulnerability allows successful unauthenticated network attacks via IPv6. Successful attack of this vulnerability can result in unauthorized update, insert or delete access to some Solaris accessible data as well as read access to a subset of Solaris accessible data. Note: CVE-2013-0405 occurs only when the Solaris NFS client mounts the NFS server over IPv6. This plugin has been deprecated and either replaced with individual 148383 patch-revision plugins, or deemed non-security related.
    last seen 2019-01-16
    modified 2018-07-30
    plugin id 64606
    published 2013-02-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=64606
    title Solaris 10 (sparc) : 148383-01 (deprecated)
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_X86_148384-01.NASL
    description Vulnerability in the Solaris component of Oracle and Sun Systems Products Suite (subcomponent: Filesystem/NFS). Supported versions that are affected are 8, 9, 10 and 11. Easily exploitable vulnerability allows successful unauthenticated network attacks via IPv6. Successful attack of this vulnerability can result in unauthorized update, insert or delete access to some Solaris accessible data as well as read access to a subset of Solaris accessible data. Note: CVE-2013-0405 occurs only when the Solaris NFS client mounts the NFS server over IPv6.
    last seen 2019-01-19
    modified 2019-01-18
    plugin id 108146
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=108146
    title Solaris 10 (x86) : 148384-01
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS8_127548.NASL
    description SunOS 5.8: librpcsvc patch. Date this patch was last updated by Sun : Oct/10/07
    last seen 2018-09-02
    modified 2014-08-30
    plugin id 27087
    published 2007-10-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=27087
    title Solaris 8 (sparc) : 127548-01
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_148383-01.NASL
    description Vulnerability in the Solaris component of Oracle and Sun Systems Products Suite (subcomponent: Filesystem/NFS). Supported versions that are affected are 8, 9, 10 and 11. Easily exploitable vulnerability allows successful unauthenticated network attacks via IPv6. Successful attack of this vulnerability can result in unauthorized update, insert or delete access to some Solaris accessible data as well as read access to a subset of Solaris accessible data. Note: CVE-2013-0405 occurs only when the Solaris NFS client mounts the NFS server over IPv6.
    last seen 2019-01-19
    modified 2019-01-18
    plugin id 107653
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107653
    title Solaris 10 (sparc) : 148383-01
oval via4
accepted 2013-12-30T04:00:26.103-05:00
class vulnerability
contributors
name Merryl DMello
organization Hewlett-Packard
definition_extensions
  • comment Solaris 10 (SPARC) is installed
    oval oval:org.mitre.oval:def:1440
  • comment Solaris 10 (x86) is installed
    oval oval:org.mitre.oval:def:1926
description Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11 allows remote attackers to affect confidentiality and integrity via vectors related to NFS client mounts and IPv6.
family unix
id oval:org.mitre.oval:def:19352
status accepted
submitted 2013-11-20T11:43:28.000-05:00
title CRITICAL PATCH UPDATE APRIL 2013
version 33
refmap via4
confirm http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html
mandriva MDVSA-2013:150
Last major update 09-11-2016 - 16:24
Published 17-04-2013 - 08:14
Last modified 18-09-2017 - 21:35
Back to Top