Attack vector
NETWORK Attack complexity
HIGH Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
COMPLETE network
high complexity
sun
nessus
Published: 2006-08-14
Updated: 2017-07-20
Summary
The squeue_drain function in Sun Solaris 10, possibly only when run on CMT processors, allows remote attackers to cause a denial of service ("bad trap" and system panic) by opening and closing a large number of TCP connections ("heavy TCP/IP loads"). NOTE: the original report specifies the function name as "drain_squeue," but this is likely incorrect. It is reportedly unlikely that this affects systems not using CMT processors.
Vulnerable Configurations
| Part | Description | Count |
| OS | Sun | 1 |
Nessus
| NASL family | Solaris Local Security Checks |
| NASL id | SOLARIS10_119998.NASL |
| description | SunOS 5.10: arp, ip, ipsecah drivers patch. Date this patch was last updated by Sun : Feb/09/07 |
| last seen | 2018-09-01 |
| modified | 2018-08-13 |
| plugin id | 24372 |
| published | 2007-02-18 |
| reporter | Tenable |
| source | https://www.tenable.com/plugins/index.php?view=single&id=24372 |
| title | Solaris 10 (sparc) : 119998-02 |
| code | #%NASL_MIN_LEVEL 80502
# @DEPRECATED@
#
# This script has been deprecated as the associated patch is not
# currently a recommended security fix.
#
# Disabled on 2011/09/17.
#
# (C) Tenable Network Security, Inc.
#
#
if ( ! defined_func("bn_random") ) exit(0);
include("compat.inc");
if(description)
{
script_id(24372);
script_version("1.22");
script_name(english: "Solaris 10 (sparc) : 119998-02");
script_cve_id("CVE-2006-4117", "CVE-2007-0914");
script_set_attribute(attribute: "synopsis", value:
"The remote host is missing Sun Security Patch number 119998-02");
script_set_attribute(attribute: "description", value:
'SunOS 5.10: arp, ip, ipsecah drivers patch.
Date this patch was last updated by Sun : Feb/09/07');
script_set_attribute(attribute: "solution", value:
"You should install this patch for your system to be up-to-date.");
script_set_attribute(attribute: "see_also", value:
"https://getupdates.oracle.com/readme/119998-02");
script_set_attribute(attribute: "cvss_vector", value: "CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C");
script_set_attribute(attribute:"plugin_publication_date", value: "2007/02/18");
script_cvs_date("Date: 2019/10/25 13:36:23");
script_set_attribute(attribute:"vuln_publication_date", value: "2006/08/09");
script_end_attributes();
script_summary(english: "Check for patch 119998-02");
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2007-2019 Tenable Network Security, Inc.");
family["english"] = "Solaris Local Security Checks";
script_family(english:family["english"]);
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/Solaris/showrev");
exit(0);
}
# Deprecated.
exit(0, "The associated patch is not currently a recommended security fix.");
|