ID CVE-2007-2465
Summary Unspecified vulnerability in Sun Solaris 9, when Solaris Auditing (BSM) is enabled for file read, write, attribute modify, create, or delete audit classes, allows local users to cause a denial of service (panic) via unknown vectors, possibly related to the audit_savepath function. The vendor has addressed this issue with the following patches: Sun Solaris 9_x86: Sun x86 Solaris 9 Patch 122301-06 http://sunsolve.sun.com/search/document.do?assetkey=urn:cds:docid:1-21 -122301-06-1 Sun Solaris 9: Sun SPARC Solaris 9 Patch 122300-06 http://sunsolve.sun.com/search/document.do?assetkey=urn:cds:docid:1-21 -122300-06-1
References
Vulnerable Configurations
  • cpe:2.3:o:sun:solaris:9.0:*:x86:*:*:*:*:*
    cpe:2.3:o:sun:solaris:9.0:*:x86:*:*:*:*:*
  • cpe:2.3:o:sun:sunos:5.9:*:*:*:*:*:*:*
    cpe:2.3:o:sun:sunos:5.9:*:*:*:*:*:*:*
CVSS
Base: 4.7 (as of 30-10-2018 - 16:25)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
LOCAL MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE COMPLETE
cvss-vector via4 AV:L/AC:M/Au:N/C:N/I:N/A:C
oval via4
accepted 2007-07-18T15:57:48.292-04:00
class vulnerability
contributors
name Pai Peng
organization Opsware, Inc.
description Unspecified vulnerability in Sun Solaris 9, when Solaris Auditing (BSM) is enabled for file read, write, attribute modify, create, or delete audit classes, allows local users to cause a denial of service (panic) via unknown vectors, possibly related to the audit_savepath function.
family unix
id oval:org.mitre.oval:def:1085
status accepted
submitted 2007-06-15T09:00:00.000-04:00
title Solaris 9 Systems With Solaris Auditing (BSM) Enabled may Panic if Certain Audit Classes are Being Audited
version 32
refmap via4
bid 23751
osvdb 34904
sectrack 1017992
secunia 25081
sunalert 102900
vupen ADV-2007-1611
xf sun-solaris-bsm-dos(34003)
Last major update 30-10-2018 - 16:25
Published 02-05-2007 - 22:19
Back to Top