Vulnerabilities > CVE-2007-2990 - Local Denial of Service vulnerability in SUN Solaris 10.0
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
COMPLETE Summary
Unspecified vulnerability in inetd in Sun Solaris 10 before 20070529 allows local users to cause a denial of service (daemon termination) via unspecified manipulations of the /var/run/.inetd.uds Unix domain socket file.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| OS | 2 |
Nessus
NASL family Solaris Local Security Checks NASL id SOLARIS10_X86_121289.NASL description SunOS 5.10_x86: inetd & svcs patch. Date this patch was last updated by Sun : May/25/07 last seen 2018-09-01 modified 2018-08-13 plugin id 25393 published 2007-06-04 reporter Tenable source https://www.tenable.com/plugins/index.php?view=single&id=25393 title Solaris 10 (x86) : 121289-04 code #%NASL_MIN_LEVEL 80502 # @DEPRECATED@ # # This script has been deprecated as the associated patch is not # currently a recommended security fix. # # Disabled on 2011/09/17. # # (C) Tenable Network Security, Inc. # # if ( ! defined_func("bn_random") ) exit(0); include("compat.inc"); if(description) { script_id(25393); script_version("1.21"); script_name(english: "Solaris 10 (x86) : 121289-04"); script_cve_id("CVE-2007-2990"); script_set_attribute(attribute: "synopsis", value: "The remote host is missing Sun Security Patch number 121289-04"); script_set_attribute(attribute: "description", value: 'SunOS 5.10_x86: inetd & svcs patch. Date this patch was last updated by Sun : May/25/07'); script_set_attribute(attribute: "solution", value: "You should install this patch for your system to be up-to-date."); script_set_attribute(attribute: "see_also", value: "https://getupdates.oracle.com/readme/121289-04"); script_set_attribute(attribute: "cvss_vector", value: "CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C"); script_set_attribute(attribute:"plugin_publication_date", value: "2007/06/04"); script_cvs_date("Date: 2019/10/25 13:36:24"); script_set_attribute(attribute:"vuln_publication_date", value: "2007/05/29"); script_end_attributes(); script_summary(english: "Check for patch 121289-04"); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2007-2019 Tenable Network Security, Inc."); family["english"] = "Solaris Local Security Checks"; script_family(english:family["english"]); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/Solaris/showrev"); exit(0); } # Deprecated. exit(0, "The associated patch is not currently a recommended security fix.");NASL family Solaris Local Security Checks NASL id SOLARIS10_121288.NASL description SunOS 5.10: svcs patch. Date this patch was last updated by Sun : May/25/07 last seen 2018-09-02 modified 2018-08-13 plugin id 25388 published 2007-06-04 reporter Tenable source https://www.tenable.com/plugins/index.php?view=single&id=25388 title Solaris 10 (sparc) : 121288-03 code #%NASL_MIN_LEVEL 80502 # @DEPRECATED@ # # This script has been deprecated as the associated patch is not # currently a recommended security fix. # # Disabled on 2011/09/17. # # (C) Tenable Network Security, Inc. # # if ( ! defined_func("bn_random") ) exit(0); include("compat.inc"); if(description) { script_id(25388); script_version("1.22"); script_name(english: "Solaris 10 (sparc) : 121288-03"); script_cve_id("CVE-2007-2990"); script_set_attribute(attribute: "synopsis", value: "The remote host is missing Sun Security Patch number 121288-03"); script_set_attribute(attribute: "description", value: 'SunOS 5.10: svcs patch. Date this patch was last updated by Sun : May/25/07'); script_set_attribute(attribute: "solution", value: "You should install this patch for your system to be up-to-date."); script_set_attribute(attribute: "see_also", value: "https://getupdates.oracle.com/readme/121288-03"); script_set_attribute(attribute: "cvss_vector", value: "CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C"); script_set_attribute(attribute:"plugin_publication_date", value: "2007/06/04"); script_cvs_date("Date: 2019/10/25 13:36:23"); script_set_attribute(attribute:"vuln_publication_date", value: "2007/05/29"); script_end_attributes(); script_summary(english: "Check for patch 121288-03"); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2007-2019 Tenable Network Security, Inc."); family["english"] = "Solaris Local Security Checks"; script_family(english:family["english"]); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/Solaris/showrev"); exit(0); } # Deprecated. exit(0, "The associated patch is not currently a recommended security fix.");
Oval
| accepted | 2010-09-20T04:00:19.273-04:00 | ||||||||
| class | vulnerability | ||||||||
| contributors |
| ||||||||
| description | Unspecified vulnerability in inetd in Sun Solaris 10 before 20070529 allows local users to cause a denial of service (daemon termination) via unspecified manipulations of the /var/run/.inetd.uds Unix domain socket file. | ||||||||
| family | unix | ||||||||
| id | oval:org.mitre.oval:def:2032 | ||||||||
| status | accepted | ||||||||
| submitted | 2007-06-06T11:47:00.000-04:00 | ||||||||
| title | A Security Vulnerability in the Solaris 10 inetd(1M) Service May Lead to a Denial of Service (DoS) Condition | ||||||||
| version | 37 |
References
- http://osvdb.org/36585
- http://secunia.com/advisories/25450
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-102921-1
- http://www.securityfocus.com/bid/24213
- http://www.securitytracker.com/id?1018133
- http://www.vupen.com/english/advisories/2007/1984
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34577
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2032