Vulnerabilities > CVE-2007-2989 - Denial of Service vulnerability in SUN Solaris 9.0

CVSS 7.8 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

COMPLETE

network

low complexity

sun

nessus

NVD

Published: 2007-06-01

Updated: 2017-10-11

Summary

The libike library in Sun Solaris 9 before 20070529 contains a logic error related to a certain pointer, which allows remote attackers to cause a denial of service (in.iked daemon crash) by sending certain UDP packets with a source port different from 500. NOTE: this issue might overlap CVE-2006-2298.

Vulnerable Configurations

Part	Description	Count
OS	Sun SUN Solaris 9.0	2

Nessus

NASL family	Solaris Local Security Checks
NASL id	SOLARIS9_X86_114435.NASL
description	SunOS 5.9_x86: IKE patch. Date this patch was last updated by Sun : Aug/09/10
last seen	2016-09-26
modified	2012-06-14
plugin id	13602
published	2004-07-12
reporter	Tenable
source	https://www.tenable.com/plugins/index.php?view=single&id=13602
title	Solaris 9 (x86) : 114435-16

NASL family	Solaris Local Security Checks
NASL id	SOLARIS9_113451.NASL
description	SunOS 5.9: IKE patch. Date this patch was last updated by Sun : Aug/09/10
last seen	2016-09-26
modified	2012-06-14
plugin id	13538
published	2004-07-12
reporter	Tenable
source	https://www.tenable.com/plugins/index.php?view=single&id=13538
title	Solaris 9 (sparc) : 113451-17

Oval

accepted

2007-07-10T21:08:50.458-04:00

class

vulnerability

contributors

name	Pai Peng
organization	Opsware, Inc.

description

family

unix

oval:org.mitre.oval:def:1966

status

accepted

submitted

2007-06-06T11:47:00.000-04:00

title

A Security Vulnerability in the in.iked(1M) Service May Lead To a Denial of Service (DoS)

version

Summary

Vulnerable Configurations

Nessus

Oval

References