Vulnerabilities > CVE-2007-2989 - Unspecified vulnerability in SUN Solaris 9.0
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN sun
nessus
Summary
The libike library in Sun Solaris 9 before 20070529 contains a logic error related to a certain pointer, which allows remote attackers to cause a denial of service (in.iked daemon crash) by sending certain UDP packets with a source port different from 500. NOTE: this issue might overlap CVE-2006-2298.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| OS | 2 |
Nessus
NASL family Solaris Local Security Checks NASL id SOLARIS9_X86_114435.NASL description SunOS 5.9_x86: IKE patch. Date this patch was last updated by Sun : Aug/09/10 last seen 2016-09-26 modified 2012-06-14 plugin id 13602 published 2004-07-12 reporter Tenable source https://www.tenable.com/plugins/index.php?view=single&id=13602 title Solaris 9 (x86) : 114435-16 NASL family Solaris Local Security Checks NASL id SOLARIS9_113451.NASL description SunOS 5.9: IKE patch. Date this patch was last updated by Sun : Aug/09/10 last seen 2016-09-26 modified 2012-06-14 plugin id 13538 published 2004-07-12 reporter Tenable source https://www.tenable.com/plugins/index.php?view=single&id=13538 title Solaris 9 (sparc) : 113451-17
Oval
| accepted | 2007-07-10T21:08:50.458-04:00 | ||||
| class | vulnerability | ||||
| contributors |
| ||||
| description | The libike library in Sun Solaris 9 before 20070529 contains a logic error related to a certain pointer, which allows remote attackers to cause a denial of service (in.iked daemon crash) by sending certain UDP packets with a source port different from 500. NOTE: this issue might overlap CVE-2006-2298. | ||||
| family | unix | ||||
| id | oval:org.mitre.oval:def:1966 | ||||
| status | accepted | ||||
| submitted | 2007-06-06T11:47:00.000-04:00 | ||||
| title | A Security Vulnerability in the in.iked(1M) Service May Lead To a Denial of Service (DoS) | ||||
| version | 36 |
References
- http://osvdb.org/36584
- http://osvdb.org/36584
- http://secunia.com/advisories/25465
- http://secunia.com/advisories/25465
- http://secunia.com/advisories/25661
- http://secunia.com/advisories/25661
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-102745-1
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-102745-1
- http://support.avaya.com/elmodocs2/security/ASA-2007-227.htm
- http://support.avaya.com/elmodocs2/security/ASA-2007-227.htm
- http://www.securityfocus.com/bid/24209
- http://www.securityfocus.com/bid/24209
- http://www.securitytracker.com/id?1018134
- http://www.securitytracker.com/id?1018134
- http://www.vupen.com/english/advisories/2007/1982
- http://www.vupen.com/english/advisories/2007/1982
- http://www.vupen.com/english/advisories/2007/2188
- http://www.vupen.com/english/advisories/2007/2188
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34576
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34576
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1966
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1966