Vulnerabilities > CVE-2006-4049 - Local Arbitrary File Overwrite vulnerability in SUN RAY Server Software 3.0

047910
CVSS 2.1 - LOW
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
PARTIAL
Availability impact
NONE
local
low complexity
sun
nessus

Summary

Unspecified vulnerability in the utxconfig utility in Sun Ray Server Software 3.x allows local users to create or overwrite arbitrary files via unknown attack vectors.

Vulnerable Configurations

Part Description Count
Application
Sun
1

Nessus

  • NASL family: Solaris Local Security Checks
    NASL id: SOLARIS9_114880.NASL
    description: Sun Ray Server version 2.0 Patch Update. Date this patch was last updated by Sun : Feb/14/08
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 23503
    published: 2006-11-06
    reporter: This script is Copyright (C) 2006-2019 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/23503
    title: Solaris 9 (sparc) : 114880-12
    code:
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text in this plugin was
    # extracted from the Oracle SunOS Patch Updates.
    #
    include("compat.inc");
    
    # Registration pass: when `description` is set the script only declares
    # its metadata and leaves through exit(0) before any host check is reached.
    if (description)
    {
      # Plugin identity and revision.
      script_id(23503);
      script_version("1.21");
      script_cvs_date("Date: 2019/10/25 13:36:25");

      # A single patch-level check is mapped to both CVE ids, so a finding
      # does not say which of the two issues is actually present.
      script_cve_id("CVE-2006-4049", "CVE-2007-0482");

      script_name(english:"Solaris 9 (sparc) : 114880-12");
      script_summary(english:"Check for patch 114880-12");

      script_set_attribute(attribute:"synopsis", value:"The remote host is missing Sun Security Patch number 114880-12");
      # The description literal spans two source lines; the line break is part
      # of the string and is kept exactly as written.
      script_set_attribute(attribute:"description", value:
    "Sun Ray Server version 2.0 Patch Update.
    Date this patch was last updated by Sun : Feb/14/08");
      script_set_attribute(attribute:"see_also", value:"https://getupdates.oracle.com/readme/114880-12");
      script_set_attribute(attribute:"solution", value:"You should install this patch for your system to be up-to-date.");

      # NOTE(review): this vector is plugin-wide (C:P/I:P/A:P). It is broader
      # than the integrity-only rating published for CVE-2006-4049 on its own,
      # presumably because the plugin also covers CVE-2007-0482 - confirm
      # before using it to prioritise.
      script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P");

      # Declared as a local check; the CPE names the operating system, not the
      # Sun Ray product.
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:sun:solaris");

      script_set_attribute(attribute:"patch_publication_date", value:"2008/02/14");
      script_set_attribute(attribute:"plugin_publication_date", value:"2006/11/06");
      script_end_attributes();

      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2006-2019 Tenable Network Security, Inc.");
      script_family(english:"Solaris Local Security Checks");

      # Runs after ssh_get_info.nasl and requires both KB keys below to exist;
      # presumably that dependency is what populates them - verify.
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/Solaris/showrev");

      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("solaris.inc");
    
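    # Without local checks enabled the plugin audits out here, so a host that
    # could not be inspected is never reported as "not affected".
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);

    # Counter of packages found below the patched level. Initialised
    # explicitly instead of relying on how NASL evaluates ++ on an unset
    # variable.
    flag = 0;

    # Sun Ray packages this plugin checks for patch 114880-12, in the original
    # check order.
    sunray_pkgs = make_list(
      "SUNWutux",
      "SUNWutkio",
      "SUNWuto",
      "SUNWutu",
      "SUNWutesa",
      "SUNWutps",
      "SUNWuta",
      "SUNWutscr",
      "SUNWutr"
    );

    # Every package is compared against the same release, architecture, patch
    # id and baseline version. A negative return is counted as a finding;
    # presumably it means "package installed, patch missing" - confirm in
    # solaris.inc.
    # NOTE(review): the baseline is a 2.0 package version while the advisory
    # text for CVE-2006-4049 names Sun Ray Server Software 3.x - confirm this
    # patch is the right remediation evidence for that CVE.
    foreach sunray_pkg (sunray_pkgs)
    {
      if (solaris_check_patch(release:"5.9", arch:"sparc", patch:"114880-12", obsoleted_by:"", package:sunray_pkg, version:"2.0_37.b,REV=2002.12.19.07.46") < 0) flag++;
    }

    if (flag)
    {
      # Report at warning severity; the per-package detail from
      # solaris_get_report() is attached only when report_verbosity > 0.
      if (report_verbosity > 0) security_warning(port:0, extra:solaris_get_report());
      else security_warning(0);
      exit(0);
    }
    # No check returned a negative result: record the host as not affected.
    audit(AUDIT_HOST_NOT, "affected");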
    
  • NASL family: Solaris Local Security Checks
    NASL id: SOLARIS8_114880.NASL
    description: Sun Ray Server version 2.0 Patch Update. Date this patch was last updated by Sun : Feb/14/08
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 23368
    published: 2006-11-06
    reporter: This script is Copyright (C) 2006-2019 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/23368
    title: Solaris 8 (sparc) : 114880-12
    code:
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text in this plugin was
    # extracted from the Oracle SunOS Patch Updates.
    #
    include("compat.inc");
    
    # Registration pass: when `description` is set the script only declares
    # its metadata and leaves through exit(0) before any host check is reached.
    if (description)
    {
      # Plugin identity and revision.
      script_id(23368);
      script_version("1.21");
      script_cvs_date("Date: 2019/10/25 13:36:25");

      # A single patch-level check is mapped to both CVE ids, so a finding
      # does not say which of the two issues is actually present.
      script_cve_id("CVE-2006-4049", "CVE-2007-0482");

      script_name(english:"Solaris 8 (sparc) : 114880-12");
      script_summary(english:"Check for patch 114880-12");

      script_set_attribute(attribute:"synopsis", value:"The remote host is missing Sun Security Patch number 114880-12");
      # The description literal spans two source lines; the line break is part
      # of the string and is kept exactly as written.
      script_set_attribute(attribute:"description", value:
    "Sun Ray Server version 2.0 Patch Update.
    Date this patch was last updated by Sun : Feb/14/08");
      script_set_attribute(attribute:"see_also", value:"https://getupdates.oracle.com/readme/114880-12");
      script_set_attribute(attribute:"solution", value:"You should install this patch for your system to be up-to-date.");

      # NOTE(review): this vector is plugin-wide (C:P/I:P/A:P). It is broader
      # than the integrity-only rating published for CVE-2006-4049 on its own,
      # presumably because the plugin also covers CVE-2007-0482 - confirm
      # before using it to prioritise.
      script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P");

      # Declared as a local check; the CPE names the operating system, not the
      # Sun Ray product.
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:sun:solaris");

      script_set_attribute(attribute:"patch_publication_date", value:"2008/02/14");
      script_set_attribute(attribute:"plugin_publication_date", value:"2006/11/06");
      script_end_attributes();

      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2006-2019 Tenable Network Security, Inc.");
      script_family(english:"Solaris Local Security Checks");

      # Runs after ssh_get_info.nasl and requires both KB keys below to exist;
      # presumably that dependency is what populates them - verify.
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/Solaris/showrev");

      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("solaris.inc");
    
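    # Without local checks enabled the plugin audits out here, so a host that
    # could not be inspected is never reported as "not affected".
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);

    # Counter of packages found below the patched level. Initialised
    # explicitly instead of relying on how NASL evaluates ++ on an unset
    # variable.
    flag = 0;

    # Sun Ray packages this plugin checks for patch 114880-12, in the original
    # check order.
    sunray_pkgs = make_list(
      "SUNWutux",
      "SUNWutkio",
      "SUNWuto",
      "SUNWutu",
      "SUNWutesa",
      "SUNWutps",
      "SUNWuta",
      "SUNWutscr",
      "SUNWutr"
    );

    # Every package is compared against the same release, architecture, patch
    # id and baseline version. A negative return is counted as a finding;
    # presumably it means "package installed, patch missing" - confirm in
    # solaris.inc.
    # NOTE(review): the baseline is a 2.0 package version while the advisory
    # text for CVE-2006-4049 names Sun Ray Server Software 3.x - confirm this
    # patch is the right remediation evidence for that CVE.
    foreach sunray_pkg (sunray_pkgs)
    {
      if (solaris_check_patch(release:"5.8", arch:"sparc", patch:"114880-12", obsoleted_by:"", package:sunray_pkg, version:"2.0_37.b,REV=2002.12.19.07.46") < 0) flag++;
    }

    if (flag)
    {
      # Report at warning severity; the per-package detail from
      # solaris_get_report() is attached only when report_verbosity > 0.
      if (report_verbosity > 0) security_warning(port:0, extra:solaris_get_report());
      else security_warning(0);
      exit(0);
    }
    # No check returned a negative result: record the host as not affected.
    audit(AUDIT_HOST_NOT, "affected");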