ID CVE-2007-3223
Summary Unspecified vulnerability in the NFS server in Sun Solaris 10 before 20070613 allows remote attackers to cause a denial of service (system crash) via certain XDR data in NFS requests, probably related to processing of data by the xdr_bool and xdrmblk_getint32 functions.
References
Vulnerable Configurations
  • cpe:2.3:o:sun:solaris:10.0:*:x86:*:*:*:*:*
    cpe:2.3:o:sun:solaris:10.0:*:x86:*:*:*:*:*
  • cpe:2.3:o:sun:sunos:5.10:*:*:*:*:*:*:*
    cpe:2.3:o:sun:sunos:5.10:*:*:*:*:*:*:*
CVSS
Base: 7.8 (as of 30-10-2018 - 16:25)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE COMPLETE
cvss-vector via4 AV:N/AC:L/Au:N/C:N/I:N/A:C
oval via4
accepted 2007-08-01T22:26:13.790-04:00
class vulnerability
contributors
name Nicholas Hansen
organization Opsware, Inc.
definition_extensions
  • comment Solaris 10 (SPARC) is installed
    oval oval:org.mitre.oval:def:1440
  • comment Solaris 10 (x86) is installed
    oval oval:org.mitre.oval:def:1926
description Unspecified vulnerability in the NFS server in Sun Solaris 10 before 20070613 allows remote attackers to cause a denial of service (system crash) via certain XDR data in NFS requests, probably related to processing of data by the xdr_bool and xdrmblk_getint32 functions.
family unix
id oval:org.mitre.oval:def:1092
status accepted
submitted 2007-06-19T14:30:00.000-04:00
title Security Vulnerability in Solaris 10 NFS XDR Handling May Allow a Denial of Service to NFS Servers
version 31
refmap via4
bid 24466
osvdb 36592
sectrack 1018253
secunia 25668
sunalert 102965
vupen ADV-2007-2190
xf solaris-nfs-xdr-dos(34857)
Last major update 30-10-2018 - 16:25
Published 14-06-2007 - 23:30
Back to Top