Vulnerabilities > CVE-2007-2465 - Local Denial Of Service vulnerability in Sun Solaris 9 Auditing BSM

047910
CVSS 4.7 - MEDIUM
Attack vector
LOCAL
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
COMPLETE
local
sun
nessus
NVD
Published: 2007-05-02
Updated: 2018-10-30

Summary

Unspecified vulnerability in Sun Solaris 9, when Solaris Auditing (BSM) is enabled for file read, write, attribute modify, create, or delete audit classes, allows local users to cause a denial of service (panic) via unknown vectors, possibly related to the audit_savepath function. The vendor has addressed this issue with the following patches: Sun Solaris 9_x86: Sun x86 Solaris 9 Patch 122301-06 http://sunsolve.sun.com/search/document.do?assetkey=urn:cds:docid:1-21 -122301-06-1 Sun Solaris 9: Sun SPARC Solaris 9 Patch 122300-06 http://sunsolve.sun.com/search/document.do?assetkey=urn:cds:docid:1-21 -122300-06-1

Vulnerable Configurations

Part Description Count
OS
Sun
2

Nessus

  • NASL familySolaris Local Security Checks
    NASL idSOLARIS9_122300.NASL
    descriptionSunOS 5.9: Kernel Patch. Date this patch was last updated by Sun : Nov/03/11
    last seen2020-06-01
    modified2020-06-02
    plugin id24858
    published2007-03-18
    reporterThis script is Copyright (C) 2007-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/24858
    titleSolaris 9 (sparc) : 122300-61
  • NASL familySolaris Local Security Checks
    NASL idSOLARIS9_X86_122301.NASL
    descriptionSunOS 5.9_x86: Kernel Patch. Date this patch was last updated by Sun : Nov/03/11
    last seen2020-06-01
    modified2020-06-02
    plugin id24861
    published2007-03-18
    reporterThis script is Copyright (C) 2007-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/24861
    titleSolaris 9 (x86) : 122301-61

Oval

accepted2007-07-18T15:57:48.292-04:00
classvulnerability
contributors
namePai Peng
organizationOpsware, Inc.
descriptionUnspecified vulnerability in Sun Solaris 9, when Solaris Auditing (BSM) is enabled for file read, write, attribute modify, create, or delete audit classes, allows local users to cause a denial of service (panic) via unknown vectors, possibly related to the audit_savepath function.
familyunix
idoval:org.mitre.oval:def:1085
statusaccepted
submitted2007-06-15T09:00:00.000-04:00
titleSolaris 9 Systems With Solaris Auditing (BSM) Enabled may Panic if Certain Audit Classes are Being Audited
version36

References