ID CVE-2007-3470
Summary Multiple unspecified vulnerabilities in the KSSL kernel module in Sun Solaris 10, when configured with the KSSL proxy, allow remote attackers to cause a denial of service (kernel panic) via unspecified vectors related to "memory buffers" of Secure Socket Layer (SSL) records.
References
Vulnerable Configurations
  • cpe:2.3:o:sun:solaris:10.0:*:sparc:*:*:*:*:*
    cpe:2.3:o:sun:solaris:10.0:*:sparc:*:*:*:*:*
  • cpe:2.3:o:sun:solaris:10.0:*:x86:*:*:*:*:*
    cpe:2.3:o:sun:solaris:10.0:*:x86:*:*:*:*:*
CVSS
Base: 7.8 (as of 29-09-2017 - 01:29)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE COMPLETE
cvss-vector via4 AV:N/AC:L/Au:N/C:N/I:N/A:C
oval via4
accepted 2007-09-06T09:13:39.334-04:00
class vulnerability
contributors
name Todd Dolinsky
organization Opsware, Inc.
definition_extensions
  • comment Solaris 10 (SPARC) is installed
    oval oval:org.mitre.oval:def:1440
  • comment Solaris 10 (x86) is installed
    oval oval:org.mitre.oval:def:1926
description Multiple unspecified vulnerabilities in the KSSL kernel module in Sun Solaris 10, when configured with the KSSL proxy, allow remote attackers to cause a denial of service (kernel panic) via unspecified vectors related to "memory buffers" of Secure Socket Layer (SSL) records.
family unix
id oval:org.mitre.oval:def:9165
status accepted
submitted 2007-08-03T10:36:57.000-04:00
title Security Vulnerabilities in the KSSL Kernel Module May Lead to a System Panic
version 33
refmap via4
bid 24686
confirm http://support.avaya.com/elmodocs2/security/ASA-2007-312.htm
osvdb 36609
sectrack 1018322
secunia 25863
sunalert 102918
vupen ADV-2007-2365
xf solaris-kssl-dos(35126)
Last major update 29-09-2017 - 01:29
Published 28-06-2007 - 18:30
Back to Top