Vulnerabilities > CVE-2006-0769 - Local Privilege Escalation vulnerability in SUN Solaris 10.0
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Unspecified vulnerability in in.rexecd in Solaris 10 allows local users to gain privileges on Kerberos systems via unknown attack vectors.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| OS | 1 |
Nessus
NASL family Solaris Local Security Checks NASL id SOLARIS10_120329.NASL description SunOS 5.10: rexec patch. Date this patch was last updated by Sun : Feb/13/06 last seen 2018-09-01 modified 2018-08-13 plugin id 20943 published 2006-02-19 reporter Tenable source https://www.tenable.com/plugins/index.php?view=single&id=20943 title Solaris 10 (sparc) : 120329-02 code #%NASL_MIN_LEVEL 80502 # @DEPRECATED@ # # This script has been deprecated as the associated patch is not # currently a security fix. # # Disabled on 2013/04/30. # # # (C) Tenable Network Security, Inc. # # if ( ! defined_func("bn_random") ) exit(0); include("compat.inc"); if(description) { script_id(20943); script_version("1.27"); script_name(english: "Solaris 10 (sparc) : 120329-02"); script_cve_id("CVE-2006-0769"); script_set_attribute(attribute: "synopsis", value: "The remote host is missing Sun Security Patch number 120329-02"); script_set_attribute(attribute: "description", value: 'SunOS 5.10: rexec patch. Date this patch was last updated by Sun : Feb/13/06'); script_set_attribute(attribute: "solution", value: "You should install this patch for your system to be up-to-date."); script_set_attribute(attribute: "see_also", value: "http://download.oracle.com/sunalerts/1000978.1.html"); script_set_attribute(attribute: "cvss_vector", value: "CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C"); script_set_attribute(attribute: "patch_publication_date", value: "2006/02/13"); script_set_attribute(attribute: "cpe", value: "cpe:/o:sun:solaris"); script_set_attribute(attribute: "plugin_type", value: "local"); script_set_attribute(attribute:"plugin_publication_date", value:"2006/02/19"); script_cvs_date("Date: 2019/10/25 13:36:23"); script_set_attribute(attribute:"vuln_publication_date", value:"2006/02/14"); script_end_attributes(); script_summary(english: "Check for patch 120329-02"); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2006-2019 Tenable Network Security, Inc."); family["english"] = "Solaris Local Security Checks"; script_family(english:family["english"]); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/Solaris/showrev"); exit(0); } # Deprecated. exit(0, "The associated patch is not currently a security fix.");NASL family Solaris Local Security Checks NASL id SOLARIS10_X86_120330.NASL description SunOS 5.10_x86: rexec patch. Date this patch was last updated by Sun : Feb/13/06 last seen 2018-09-01 modified 2018-08-13 plugin id 20944 published 2006-02-19 reporter Tenable source https://www.tenable.com/plugins/index.php?view=single&id=20944 title Solaris 10 (x86) : 120330-02 code #%NASL_MIN_LEVEL 80502 # @DEPRECATED@ # # This script has been deprecated as the associated patch is not # currently a security fix. # # Disabled on 2013/02/18. # # # (C) Tenable Network Security, Inc. # # if ( ! defined_func("bn_random") ) exit(0); include("compat.inc"); if(description) { script_id(20944); script_version("1.25"); script_name(english: "Solaris 10 (x86) : 120330-02"); script_cve_id("CVE-2006-0769"); script_set_attribute(attribute: "synopsis", value: "The remote host is missing Sun Security Patch number 120330-02"); script_set_attribute(attribute: "description", value: 'SunOS 5.10_x86: rexec patch. Date this patch was last updated by Sun : Feb/13/06'); script_set_attribute(attribute: "solution", value: "You should install this patch for your system to be up-to-date."); script_set_attribute(attribute: "see_also", value: "http://download.oracle.com/sunalerts/1000978.1.html"); script_set_attribute(attribute: "cvss_vector", value: "CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C"); script_set_attribute(attribute: "patch_publication_date", value: "2006/02/13"); script_set_attribute(attribute: "cpe", value: "cpe:/o:sun:solaris"); script_set_attribute(attribute: "plugin_type", value: "local"); script_set_attribute(attribute:"plugin_publication_date", value:"2006/02/19"); script_cvs_date("Date: 2019/10/25 13:36:23"); script_set_attribute(attribute:"vuln_publication_date", value:"2006/02/14"); script_end_attributes(); script_summary(english: "Check for patch 120330-02"); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2006-2019 Tenable Network Security, Inc."); family["english"] = "Solaris Local Security Checks"; script_family(english:family["english"]); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/Solaris/showrev"); exit(0); } # Deprecated. exit(0, "The associated patch is not currently a security fix.");
Oval
| accepted | 2006-04-06T06:30:00.000-04:00 | ||||
| class | vulnerability | ||||
| contributors |
| ||||
| description | Unspecified vulnerability in in.rexecd in Solaris 10 allows local users to gain privileges on Kerberos systems via unknown attack vectors. | ||||
| family | unix | ||||
| id | oval:org.mitre.oval:def:1580 | ||||
| status | accepted | ||||
| submitted | 2006-02-19T05:38:00.000-04:00 | ||||
| title | Kerberos Command Execution Vulnerability rexec Daemon | ||||
| version | 36 |
References
- http://secunia.com/advisories/18891
- http://securitytracker.com/id?1015635
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-102186-1
- http://www.ciac.org/ciac/bulletins/q-126.shtml
- http://www.securityfocus.com/bid/16658
- http://www.vupen.com/english/advisories/2006/0608
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24680
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1580