ID CVE-2018-2718
Summary Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: RPC). Supported versions that are affected are 10 and 11.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via NFS to compromise Solaris. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Solaris. CVSS 3.0 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).
References
Vulnerable Configurations
  • cpe:2.3:o:oracle:solaris:10.0
    cpe:2.3:o:oracle:solaris:10.0
  • Oracle Solaris 11.3
    cpe:2.3:o:oracle:solaris:11.3
CVSS
Base: 7.8
Impact:
Exploitability:
nessus via4
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_X86_152261-04.NASL
    description Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: RPC). Supported versions that are affected are 10 and 11.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via NFS to compromise Solaris. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Solaris.
    last seen 2019-02-21
    modified 2018-10-29
    plugin id 109080
    published 2018-04-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=109080
    title Solaris 10 (x86) : 152261-04
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_152260-04.NASL
    description Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: RPC). Supported versions that are affected are 10 and 11.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via NFS to compromise Solaris. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Solaris.
    last seen 2019-02-21
    modified 2018-10-26
    plugin id 109074
    published 2018-04-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=109074
    title Solaris 10 (sparc) : 152260-04
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS_APR2018_SRU11_3_28_4_0.NASL
    description This Solaris system is missing necessary patches to address a critical security update : - Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: RPC). Supported versions that are affected are 10 and 11.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via NFS to compromise Solaris. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Solaris. (CVE-2018-2718)
    last seen 2019-02-21
    modified 2018-10-18
    plugin id 109173
    published 2018-04-20
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=109173
    title Oracle Solaris Critical Patch Update : apr2018_SRU11_3_28_4_0
refmap via4
bid 103886
confirm http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html
sectrack 1040702
Last major update 18-04-2018 - 22:29
Published 18-04-2018 - 22:29
Last modified 25-04-2018 - 12:38
Back to Top