Vulnerabilities > CVE-2007-2267 - Denial Of Service vulnerability in SUN Cluster 3.1/3.2
Attack vector
NETWORK Attack complexity
LOW Privileges required
SINGLE Confidentiality impact
NONE Integrity impact
NONE Availability impact
COMPLETE Summary
Unspecified vulnerability in Sun Cluster 3.1 and Solaris Cluster 3.2 before 20070424 allows remote authenticated users, operating from a different cluster node, to cause a denial of service (data corruption or send_mondo panic) via unspecified vectors, as demonstrated by EMC Symcli backup software 6.2.1.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 5 |
Nessus
NASL family Solaris Local Security Checks NASL id SOLARIS9_126105.NASL description Sun Cluster 3.2: CORE patch for Solaris 9. Date this patch was last updated by Sun : Apr/27/10 last seen 2020-06-01 modified 2020-06-02 plugin id 27024 published 2007-10-12 reporter This script is Copyright (C) 2007-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/27024 title Solaris 9 (sparc) : 126105-42 code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text in this plugin was # extracted from the Oracle SunOS Patch Updates. # include("compat.inc"); if (description) { script_id(27024); script_version("1.32"); script_cvs_date("Date: 2019/10/25 13:36:26"); script_cve_id("CVE-2007-2267", "CVE-2009-3433"); script_bugtraq_id(36486); script_xref(name:"IAVA", value:"2009-A-0087"); script_name(english:"Solaris 9 (sparc) : 126105-42"); script_summary(english:"Check for patch 126105-42"); script_set_attribute( attribute:"synopsis", value:"The remote host is missing Sun Security Patch number 126105-42" ); script_set_attribute( attribute:"description", value: "Sun Cluster 3.2: CORE patch for Solaris 9. Date this patch was last updated by Sun : Apr/27/10" ); script_set_attribute( attribute:"see_also", value:"https://getupdates.oracle.com/readme/126105-42" ); script_set_attribute( attribute:"solution", value:"You should install this patch for your system to be up-to-date." ); script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/o:sun:solaris"); script_set_attribute(attribute:"patch_publication_date", value:"2010/04/27"); script_set_attribute(attribute:"plugin_publication_date", value:"2007/10/12"); script_set_attribute(attribute:"stig_severity", value:"I"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2007-2019 Tenable Network Security, Inc."); script_family(english:"Solaris Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Solaris/showrev"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("solaris.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (solaris_check_patch(release:"5.9", arch:"sparc", patch:"126105-42", obsoleted_by:"", package:"SUNWscrtlh", version:"3.2.0,REV=2006.12.05.22.50") < 0) flag++; if (solaris_check_patch(release:"5.9", arch:"sparc", patch:"126105-42", obsoleted_by:"", package:"SUNWscmd", version:"3.2.0,REV=2006.12.05.22.50") < 0) flag++; if (solaris_check_patch(release:"5.9", arch:"sparc", patch:"126105-42", obsoleted_by:"", package:"SUNWsczu", version:"3.2.0,REV=2006.12.05.22.50") < 0) flag++; if (solaris_check_patch(release:"5.9", arch:"sparc", patch:"126105-42", obsoleted_by:"", package:"SUNWscdev", version:"3.2.0,REV=2006.12.05.22.50") < 0) flag++; if (solaris_check_patch(release:"5.9", arch:"sparc", patch:"126105-42", obsoleted_by:"", package:"SUNWscucm", version:"3.2.0,REV=2006.12.05.22.50") < 0) flag++; if (solaris_check_patch(release:"5.9", arch:"sparc", patch:"126105-42", obsoleted_by:"", package:"SUNWscsam", version:"3.2.0,REV=2006.12.05.22.50") < 0) flag++; if (solaris_check_patch(release:"5.9", arch:"sparc", patch:"126105-42", obsoleted_by:"", package:"SUNWscu", version:"3.2.0,REV=2006.12.05.22.50") < 0) flag++; if (solaris_check_patch(release:"5.9", arch:"sparc", patch:"126105-42", obsoleted_by:"", package:"SUNWscmasa", version:"3.2.0,REV=2006.12.05.22.50") < 0) flag++; if (solaris_check_patch(release:"5.9", arch:"sparc", patch:"126105-42", obsoleted_by:"", package:"SUNWudlmr", version:"3.2.0,REV=2006.12.05.22.50") < 0) flag++; if (solaris_check_patch(release:"5.9", arch:"sparc", patch:"126105-42", obsoleted_by:"", package:"SUNWscmasar", version:"3.2.0,REV=2006.12.05.22.50") < 0) flag++; if (solaris_check_patch(release:"5.9", arch:"sparc", patch:"126105-42", obsoleted_by:"", package:"SUNWscmautil", version:"3.2.0,REV=2006.12.05.22.50") < 0) flag++; if (solaris_check_patch(release:"5.9", arch:"sparc", patch:"126105-42", obsoleted_by:"", package:"SUNWcvm", version:"3.2.0,REV=2006.12.05.22.50") < 0) flag++; if (solaris_check_patch(release:"5.9", arch:"sparc", patch:"126105-42", obsoleted_by:"", package:"SUNWscsal", version:"3.2.0,REV=2006.12.05.22.50") < 0) flag++; if (solaris_check_patch(release:"5.9", arch:"sparc", patch:"126105-42", obsoleted_by:"", package:"SUNWscmasau", version:"3.2.0,REV=2006.12.05.22.50") < 0) flag++; if (solaris_check_patch(release:"5.9", arch:"sparc", patch:"126105-42", obsoleted_by:"", package:"SUNWsctelemetry", version:"3.2.0,REV=2006.12.05.22.50") < 0) flag++; if (solaris_check_patch(release:"5.9", arch:"sparc", patch:"126105-42", obsoleted_by:"", package:"SUNWccon", version:"3.2.0,REV=2006.12.05.22.50") < 0) flag++; if (solaris_check_patch(release:"5.9", arch:"sparc", patch:"126105-42", obsoleted_by:"", package:"SUNWscmasasen", version:"3.2.0,REV=2006.12.05.22.50") < 0) flag++; if (solaris_check_patch(release:"5.9", arch:"sparc", patch:"126105-42", obsoleted_by:"", package:"SUNWscr", version:"3.2.0,REV=2006.12.05.22.50") < 0) flag++; if (solaris_check_patch(release:"5.9", arch:"sparc", patch:"126105-42", obsoleted_by:"", package:"SUNWscspmu", version:"3.2.0,REV=2006.12.05.22.50") < 0) flag++; if (solaris_check_patch(release:"5.9", arch:"sparc", patch:"126105-42", obsoleted_by:"", package:"SUNWcvmr", version:"3.2.0,REV=2006.12.05.22.50") < 0) flag++; if (solaris_check_patch(release:"5.9", arch:"sparc", patch:"126105-42", obsoleted_by:"", package:"SUNWsccomzu", version:"3.2.0,REV=2006.12.05.22.50") < 0) flag++; if (solaris_check_patch(release:"5.9", arch:"sparc", patch:"126105-42", obsoleted_by:"", package:"SUNWscssv", version:"3.2.0,REV=2006.12.05.22.50") < 0) flag++; if (solaris_check_patch(release:"5.9", arch:"sparc", patch:"126105-42", obsoleted_by:"", package:"SUNWscderby", version:"3.2.0,REV=2006.12.05.22.50") < 0) flag++; if (solaris_check_patch(release:"5.9", arch:"sparc", patch:"126105-42", obsoleted_by:"", package:"SUNWscrif", version:"3.2.0,REV=2006.12.05.22.50") < 0) flag++; if (solaris_check_patch(release:"5.9", arch:"sparc", patch:"126105-42", obsoleted_by:"", package:"SUNWsccomu", version:"3.2.0,REV=2006.12.05.22.50") < 0) flag++; if (solaris_check_patch(release:"5.9", arch:"sparc", patch:"126105-42", obsoleted_by:"", package:"SUNWudlm", version:"3.2.0,REV=2006.12.05.22.50") < 0) flag++; if (solaris_check_patch(release:"5.9", arch:"sparc", patch:"126105-42", obsoleted_by:"", package:"SUNWscgds", version:"3.2.0,REV=2006.12.05.22.50") < 0) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:solaris_get_report()); else security_hole(0); exit(0); } audit(AUDIT_HOST_NOT, "affected");NASL family Solaris Local Security Checks NASL id SOLARIS10_120500.NASL description Sun Cluster 3.1: Core Patch for Solaris 10. Date this patch was last updated by Sun : Dec/08/11 This plugin has been deprecated and either replaced with individual 120500 patch-revision plugins, or deemed non-security related. last seen 2019-02-21 modified 2018-07-30 plugin id 22962 published 2006-11-06 reporter Tenable source https://www.tenable.com/plugins/index.php?view=single&id=22962 title Solaris 10 (sparc) : 120500-28 (deprecated) NASL family Solaris Local Security Checks NASL id SOLARIS10_X86_126107.NASL description Sun Cluster 3.2: CORE patch for Solaris 10_x86. Date this patch was last updated by Sun : Apr/27/10 This plugin has been deprecated and either replaced with individual 126107 patch-revision plugins, or deemed non-security related. last seen 2019-02-21 modified 2018-07-30 plugin id 27002 published 2007-10-12 reporter Tenable source https://www.tenable.com/plugins/index.php?view=single&id=27002 title Solaris 10 (x86) : 126107-42 (deprecated) NASL family Solaris Local Security Checks NASL id SOLARIS9_X86_117909.NASL description Sun Cluster 3.1_x86: Core Patch for Solaris 9_x86. Date this patch was last updated by Sun : Dec/08/11 last seen 2020-06-01 modified 2020-06-02 plugin id 23603 published 2006-11-06 reporter This script is Copyright (C) 2006-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/23603 title Solaris 9 (x86) : 117909-43 NASL family Solaris Local Security Checks NASL id SOLARIS8_117950.NASL description Sun Cluster 3.1: Core Patch for Solaris 8. Date this patch was last updated by Sun : Dec/08/11 last seen 2020-06-01 modified 2020-06-02 plugin id 23402 published 2006-11-06 reporter This script is Copyright (C) 2006-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/23402 title Solaris 8 (sparc) : 117950-43 NASL family Solaris Local Security Checks NASL id SOLARIS10_X86_120501.NASL description Sun Cluster 3.1_x86: Core Patch for Solaris 10_x86. Date this patch was last updated by Sun : Dec/08/11 This plugin has been deprecated and either replaced with individual 120501 patch-revision plugins, or deemed non-security related. last seen 2019-02-21 modified 2018-07-30 plugin id 22995 published 2006-11-06 reporter Tenable source https://www.tenable.com/plugins/index.php?view=single&id=22995 title Solaris 10 (x86) : 120501-28 (deprecated) NASL family Solaris Local Security Checks NASL id SOLARIS9_117949.NASL description Sun Cluster 3.1: Core Patch for Solaris 9. Date this patch was last updated by Sun : Dec/08/11 last seen 2020-06-01 modified 2020-06-02 plugin id 23541 published 2006-11-06 reporter This script is Copyright (C) 2006-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/23541 title Solaris 9 (sparc) : 117949-43 NASL family Solaris Local Security Checks NASL id SOLARIS10_126106.NASL description Sun Cluster 3.2: CORE patch for Solaris 10. Date this patch was last updated by Sun : Apr/27/10 This plugin has been deprecated and either replaced with individual 126106 patch-revision plugins, or deemed non-security related. last seen 2019-02-21 modified 2018-07-30 plugin id 26990 published 2007-10-12 reporter Tenable source https://www.tenable.com/plugins/index.php?view=single&id=26990 title Solaris 10 (sparc) : 126106-42 (deprecated)
References
- http://osvdb.org/35320
- http://secunia.com/advisories/24985
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-102874-1
- http://www.securityfocus.com/bid/23638
- http://www.securitytracker.com/id?1017953
- http://www.securitytracker.com/id?1018642
- http://www.vupen.com/english/advisories/2007/1530
- https://exchange.xforce.ibmcloud.com/vulnerabilities/33858