CVSS: 7.2EPSS: 0%CPEs: 160EXPL: 2CVE-2008-5689 – Linux Kernel (Solaris 10 / < 5.10 138888-01) - Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2008-5689
tun in IP Tunnel in Solaris 10 and OpenSolaris snv_01 through snv_76 allows local users to cause a denial of service (panic) and possibly execute arbitrary code via a crafted SIOCGTUNPARAM IOCTL request, which triggers a NULL pointer dereference. Tun en IP Tunnel en Solaris 10 y OpenSolaris snv_01 a snv_76 permite a usuarios locales causar una denegación de servicio (causando un panic del sistema) y, posiblemente, ejecutar código arbitrario a través de una solicitud SIOCGTUNPARAM IOCTL modificada, que ocasiona una desreferencia a un puntero NULL. • https://www.exploit-db.com/exploits/15962 http://secunia.com/advisories/33160 http://securityreason.com/securityalert/4801 http://sunsolve.sun.com/search/document.do?assetkey=1-26-242266-1 http://www.exploit-db.com/exploits/15962 http://www.securityfocus.com/archive/1/499352/100/0/threaded http://www.securityfocus.com/bid/32904 http://www.securitytracker.com/id?1021464 http://www.trapkit.de/advisories/TKADV2008-015.txt http://www.vupen.com/english/advisories/2008/3454 https& • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2008-5410
https://notcve.org/view.php?id=CVE-2008-5410
The PK11_SESSION cache in the OpenSSL PKCS#11 engine in Sun Solaris 10 does not maintain reference counts for operations with asymmetric keys, which allows context-dependent attackers to cause a denial of service (failed cryptographic operations) via unspecified vectors, related to the (1) RSA_sign and (2) RSA_verify functions. La caché PK11_SESSION en el motor OpenSSL PKCS#11 en Sun Solaris 10 no mantiene la cuenta de referencia para operaciones con claves asimétricas, lo que permite a atacantes dependientes del contexto provocar una denegación de servicio (fallos en las operaciones criptográficas) a través de vectores desconocidos, relacionado con las funciones (1) RSA_sign y (2) RSA_verify. • http://secunia.com/advisories/33050 http://sunsolve.sun.com/search/document.do?assetkey=1-21-138863-02-1 http://sunsolve.sun.com/search/document.do?assetkey=1-21-139459-01-1 http://sunsolve.sun.com/search/document.do?assetkey=1-26-246846-1 http://www.securityfocus.com/bid/32671 http://www.securitytracker.com/id?1021358 http://www.vupen.com/english/advisories/2008/3372 https://exchange.xforce.ibmcloud.com/vulnerabilities/47137 https://oval.cisecurity.org/repository/search/definition • CWE-310: Cryptographic Issues •
CVSS: 10.0EPSS: 97%CPEs: 165EXPL: 2CVE-2008-0960 – SNMPv3 - HMAC Validation error Remote Authentication Bypass
https://notcve.org/view.php?id=CVE-2008-0960
SNMPv3 HMAC verification in (1) Net-SNMP 5.2.x before 5.2.4.1, 5.3.x before 5.3.2.1, and 5.4.x before 5.4.1.1; (2) UCD-SNMP; (3) eCos; (4) Juniper Session and Resource Control (SRC) C-series 1.0.0 through 2.0.0; (5) NetApp (aka Network Appliance) Data ONTAP 7.3RC1 and 7.3RC2; (6) SNMP Research before 16.2; (7) multiple Cisco IOS, CatOS, ACE, and Nexus products; (8) Ingate Firewall 3.1.0 and later and SIParator 3.1.0 and later; (9) HP OpenView SNMP Emanate Master Agent 15.x; and possibly other products relies on the client to specify the HMAC length, which makes it easier for remote attackers to bypass SNMP authentication via a length value of 1, which only checks the first byte. Una comprobación SNMPv3 HMAC en (1) Net-SNMP versión 5.2.x anterior a 5.2.4.1, versión 5.3.x anterior a 5.3.2.1 y versión 5.4.x anterior a 5.4.1.1; (2) UCD-SNMP; (3) eCos; (4) C-series versión 1.0.0 hasta 2.0.0 de Juniper Session and Resource Control (SRC); (5) Data de NetApp (también se conoce como Network Appliance) ONTAP versiones 7.3RC1 y 7.3RC2; (6) SNMP Research versión anterior a 16.2; (7) múltiples productos Cisco IOS, CatOS, ACE y Nexus; (8) Ingate Firewall versión 3.1.0 y posterior y SIParator versión 3.1.0 y posterior; (9) HP OpenView SNMP Emanate Master Agent versión 15.x; y posiblemente otros productos dependen del cliente para especificar la longitud del HMAC, lo que facilita que los atacantes remotos omitan la autenticación SNMP por medio de un valor de longitud de 1, que solo comprueba el primer byte. • https://www.exploit-db.com/exploits/5790 http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html http://lists.ingate.com/pipermail/productinfo/2008/000021.html http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00000.html http://marc.info/?l=bugtraq&m=127730470825399&w=2 http://rhn.redhat.com/errata/RHSA-2008-0528.html http://secunia.com/advisories/30574 http://secunia.com/advisories/30596 http://secunia.com/advisories/30612 http://secunia.c • CWE-287: Improper Authentication •
CVSS: 4.7EPSS: 0%CPEs: 3EXPL: 1CVE-2008-0933
https://notcve.org/view.php?id=CVE-2008-0933
Multiple race conditions in the CPU Performance Counters (cpc) subsystem in the kernel in Sun Solaris 10 allow local users to cause a denial of service (panic) via unspecified vectors related to kcpc_unbind and kcpc_restore. Múltiples condiciones de carrera en el subsistema CPU Performance Counters (cpc) del núcleo de Sun Solaris 10 permiten a usuarios locales provocar una denegación de servicio (kernel panic) a través de vectores no especificados relacionados con kcpc_unbind y kcpc_restore. • http://secunia.com/advisories/29052 http://sunsolve.sun.com/search/document.do?assetkey=1-26-231466-1 http://www.securityfocus.com/bid/27941 http://www.securitytracker.com/id?1019490 http://www.vupen.com/english/advisories/2008/0642 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5476 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 0CVE-2008-0242
https://notcve.org/view.php?id=CVE-2008-0242
Unspecified vulnerability in libdevinfo in Sun Solaris 10 allows local users to access files and gain privileges via unknown vectors, related to login device permissions. Vulnerabilidad no especificada en libdevinfo de Sun Solaris 10, permite que usuario locales puedan acceder a ficheros y que obtengan privilegios, usando vectores desconocidos, relacionados con los permisos del dispositivo de login. • http://secunia.com/advisories/28493 http://sunsolve.sun.com/search/document.do?assetkey=1-26-103165-1 http://sunsolve.sun.com/search/document.do?assetkey=1-66-200641-1 http://www.securityfocus.com/bid/27253 http://www.securitytracker.com/id?1019187 http://www.vupen.com/english/advisories/2008/0131 https://exchange.xforce.ibmcloud.com/vulnerabilities/39629 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5211 •