Vulnerabilities > CVE-2006-5213 - Local Insecure Permissions vulnerability in SUN Solaris 10.0
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
NONE Summary
Sun Solaris 10 before 20061006 uses "incorrect and insufficient permission checks" that allow local users to intercept or spoof packets by creating a raw socket on a link aggregation (network device aggregation).
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| OS | 1 |
Nessus
NASL family Solaris Local Security Checks NASL id SOLARIS10_X86_118855.NASL description SunOS 5.10_x86: kernel patch. Date this patch was last updated by Sun : Jan/29/07 This plugin has been deprecated and either replaced with individual 118855 patch-revision plugins, or deemed non-security related. last seen 2019-02-21 modified 2018-07-30 plugin id 22154 published 2006-08-04 reporter Tenable source https://www.tenable.com/plugins/index.php?view=single&id=22154 title Solaris 10 (x86) : 118855-36 (deprecated) NASL family Solaris Local Security Checks NASL id SOLARIS10_118833.NASL description SunOS 5.10: kernel patch. Date this patch was last updated by Sun : Jan/29/07 This plugin has been deprecated and either replaced with individual 118833 patch-revision plugins, or deemed non-security related. last seen 2019-02-21 modified 2018-07-30 plugin id 21792 published 2006-07-03 reporter Tenable source https://www.tenable.com/plugins/index.php?view=single&id=21792 title Solaris 10 (sparc) : 118833-36 (deprecated)
References
- http://secunia.com/advisories/22246
- http://secunia.com/advisories/22992
- http://securitytracker.com/id?1017013
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-102606-1
- http://support.avaya.com/elmodocs2/security/ASA-2006-250.htm
- http://www.securityfocus.com/bid/20377
- http://www.vupen.com/english/advisories/2006/3961
- https://exchange.xforce.ibmcloud.com/vulnerabilities/29381