Vulnerabilities > CVE-2005-2870 - Unspecified vulnerability in SUN Solaris 10.0
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN sun
nessus
Summary
Unknown vulnerability in the net-svc script on Solaris 10 allows remote authenticated users to execute arbitrary code on a DHCP client via certain DHCP responses.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| OS | 1 |
Nessus
NASL family Solaris Local Security Checks NASL id SOLARIS10_119593.NASL description SunOS 5.10: net-svc patch. Date this patch was last updated by Sun : Aug/08/05 last seen 2018-09-01 modified 2018-08-13 plugin id 19446 published 2005-08-18 reporter Tenable source https://www.tenable.com/plugins/index.php?view=single&id=19446 title Solaris 10 (sparc) : 119593-01 code #%NASL_MIN_LEVEL 80502 # @DEPRECATED@ # # This script has been deprecated as the associated patch is not # currently a recommended security fix. # # Disabled on 2011/10/24. # # # (C) Tenable Network Security, Inc. # # if ( ! defined_func("bn_random") ) exit(0); include("compat.inc"); if(description) { script_id(19446); script_version("1.27"); script_name(english: "Solaris 10 (sparc) : 119593-01"); script_cve_id("CVE-2005-2870"); script_set_attribute(attribute: "synopsis", value: "The remote host is missing Sun Security Patch number 119593-01"); script_set_attribute(attribute: "description", value: 'SunOS 5.10: net-svc patch. Date this patch was last updated by Sun : Aug/08/05'); script_set_attribute(attribute: "solution", value: "You should install this patch for your system to be up-to-date."); script_set_attribute(attribute: "see_also", value: "http://download.oracle.com/sunalerts/1000197.1.html"); script_set_attribute(attribute: "cvss_vector", value: "CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_attribute(attribute:"plugin_publication_date", value: "2005/08/18"); script_cvs_date("Date: 2019/10/25 13:36:22"); script_set_attribute(attribute:"vuln_publication_date", value: "2005/08/23"); script_end_attributes(); script_summary(english: "Check for patch 119593-01"); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2005-2019 Tenable Network Security, Inc."); family["english"] = "Solaris Local Security Checks"; script_family(english:family["english"]); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/Solaris/showrev"); exit(0); } # Deprecated. exit(0, "The associated patch is not currently a recommended security fix.");NASL family Solaris Local Security Checks NASL id SOLARIS10_X86_119594.NASL description SunOS 5.10_x86: net-svc patch. Date this patch was last updated by Sun : Aug/08/05 last seen 2018-09-02 modified 2018-08-13 plugin id 19451 published 2005-08-18 reporter Tenable source https://www.tenable.com/plugins/index.php?view=single&id=19451 title Solaris 10 (x86) : 119594-01 code #%NASL_MIN_LEVEL 80502 # @DEPRECATED@ # # This script has been deprecated as the associated patch is not # currently a recommended security fix. # # Disabled on 2011/10/24. # # # (C) Tenable Network Security, Inc. # # if ( ! defined_func("bn_random") ) exit(0); include("compat.inc"); if(description) { script_id(19451); script_version("1.26"); script_name(english: "Solaris 10 (x86) : 119594-01"); script_cve_id("CVE-2005-2870"); script_set_attribute(attribute: "synopsis", value: "The remote host is missing Sun Security Patch number 119594-01"); script_set_attribute(attribute: "description", value: 'SunOS 5.10_x86: net-svc patch. Date this patch was last updated by Sun : Aug/08/05'); script_set_attribute(attribute: "solution", value: "You should install this patch for your system to be up-to-date."); script_set_attribute(attribute: "see_also", value: "http://download.oracle.com/sunalerts/1000197.1.html"); script_set_attribute(attribute: "cvss_vector", value: "CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_attribute(attribute:"plugin_publication_date", value: "2005/08/18"); script_cvs_date("Date: 2019/10/25 13:36:22"); script_set_attribute(attribute:"vuln_publication_date", value: "2005/08/23"); script_end_attributes(); script_summary(english: "Check for patch 119594-01"); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2005-2019 Tenable Network Security, Inc."); family["english"] = "Solaris Local Security Checks"; script_family(english:family["english"]); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/Solaris/showrev"); exit(0); } # Deprecated. exit(0, "The associated patch is not currently a recommended security fix.");NASL family Solaris Local Security Checks NASL id SOLARIS10_119593-01.NASL description SunOS 5.10: net-svc patch. Date this patch was last updated by Sun : Aug/08/05 last seen 2020-06-01 modified 2020-06-02 plugin id 107320 published 2018-03-12 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/107320 title Solaris 10 (sparc) : 119593-01 code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text in this plugin was # extracted from the Oracle SunOS Patch Updates. # include("compat.inc"); if (description) { script_id(107320); script_version("1.5"); script_cvs_date("Date: 2019/10/25 13:36:22"); script_cve_id("CVE-2005-2870"); script_name(english:"Solaris 10 (sparc) : 119593-01"); script_summary(english:"Check for patch 119593-01"); script_set_attribute( attribute:"synopsis", value:"The remote host is missing Sun Security Patch number 119593-01" ); script_set_attribute( attribute:"description", value: "SunOS 5.10: net-svc patch. Date this patch was last updated by Sun : Aug/08/05" ); script_set_attribute( attribute:"see_also", value:"https://download.oracle.com/sunalerts/1000197.1.html" ); script_set_attribute(attribute:"solution", value:"Install patch 119593-01"); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:solaris:10:119593"); script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:solaris:10"); script_set_attribute(attribute:"patch_publication_date", value:"2005/08/08"); script_set_attribute(attribute:"plugin_publication_date", value:"2018/03/12"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Solaris Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Solaris/showrev"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("misc_func.inc"); include("solaris.inc"); showrev = get_kb_item("Host/Solaris/showrev"); if (empty_or_null(showrev)) audit(AUDIT_OS_NOT, "Solaris"); os_ver = pregmatch(pattern:"Release: (\d+.(\d+))", string:showrev); if (empty_or_null(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Solaris"); full_ver = os_ver[1]; os_level = os_ver[2]; if (full_ver != "5.10") audit(AUDIT_OS_NOT, "Solaris 10", "Solaris " + os_level); package_arch = pregmatch(pattern:"Application architecture: (\w+)", string:showrev); if (empty_or_null(package_arch)) audit(AUDIT_UNKNOWN_ARCH); package_arch = package_arch[1]; if (package_arch != "sparc") audit(AUDIT_ARCH_NOT, "sparc", package_arch); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (solaris_check_patch(release:"5.10", arch:"sparc", patch:"119593-01", obsoleted_by:"120011-14 ", package:"SUNWcsr", version:"11.10.0,REV=2005.01.21.15.53") < 0) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : solaris_get_report() ); } else { patch_fix = solaris_patch_fix_get(); if (!empty_or_null(patch_fix)) audit(AUDIT_PATCH_INSTALLED, patch_fix, "Solaris 10"); tested = solaris_pkg_tests_get(); if (!empty_or_null(tested)) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); audit(AUDIT_PACKAGE_NOT_INSTALLED, "SUNWcsr"); }NASL family Solaris Local Security Checks NASL id SOLARIS10_X86_119594-01.NASL description SunOS 5.10_x86: net-svc patch. Date this patch was last updated by Sun : Aug/08/05 last seen 2020-06-01 modified 2020-06-02 plugin id 107823 published 2018-03-12 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/107823 title Solaris 10 (x86) : 119594-01 code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text in this plugin was # extracted from the Oracle SunOS Patch Updates. # include("compat.inc"); if (description) { script_id(107823); script_version("1.5"); script_cvs_date("Date: 2019/10/25 13:36:22"); script_cve_id("CVE-2005-2870"); script_name(english:"Solaris 10 (x86) : 119594-01"); script_summary(english:"Check for patch 119594-01"); script_set_attribute( attribute:"synopsis", value:"The remote host is missing Sun Security Patch number 119594-01" ); script_set_attribute( attribute:"description", value: "SunOS 5.10_x86: net-svc patch. Date this patch was last updated by Sun : Aug/08/05" ); script_set_attribute( attribute:"see_also", value:"https://download.oracle.com/sunalerts/1000197.1.html" ); script_set_attribute(attribute:"solution", value:"Install patch 119594-01"); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:solaris:10:119594"); script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:solaris:10"); script_set_attribute(attribute:"patch_publication_date", value:"2005/08/08"); script_set_attribute(attribute:"plugin_publication_date", value:"2018/03/12"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Solaris Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Solaris/showrev"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("misc_func.inc"); include("solaris.inc"); showrev = get_kb_item("Host/Solaris/showrev"); if (empty_or_null(showrev)) audit(AUDIT_OS_NOT, "Solaris"); os_ver = pregmatch(pattern:"Release: (\d+.(\d+))", string:showrev); if (empty_or_null(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Solaris"); full_ver = os_ver[1]; os_level = os_ver[2]; if (full_ver != "5.10") audit(AUDIT_OS_NOT, "Solaris 10", "Solaris " + os_level); package_arch = pregmatch(pattern:"Application architecture: (\w+)", string:showrev); if (empty_or_null(package_arch)) audit(AUDIT_UNKNOWN_ARCH); package_arch = package_arch[1]; if (package_arch != "i386") audit(AUDIT_ARCH_NOT, "i386", package_arch); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (solaris_check_patch(release:"5.10_x86", arch:"i386", patch:"119594-01", obsoleted_by:"120012-14 ", package:"SUNWcsr", version:"11.10.0,REV=2005.01.21.16.34") < 0) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : solaris_get_report() ); } else { patch_fix = solaris_patch_fix_get(); if (!empty_or_null(patch_fix)) audit(AUDIT_PATCH_INSTALLED, patch_fix, "Solaris 10"); tested = solaris_pkg_tests_get(); if (!empty_or_null(tested)) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); audit(AUDIT_PACKAGE_NOT_INSTALLED, "SUNWcsr"); }