Vulnerabilities > CVE-2007-3093 - Unspecified vulnerability in SUN Solaris and Sunos
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN sun
nessus
Summary
Unspecified vulnerability in the logging mechanism in Solaris Management Console (SMC) on Sun Solaris 8 through 10 before 20070605 allows remote attackers to execute arbitrary code via unspecified vectors, related to the WBEM server.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
OS | 6 |
Nessus
NASL family Solaris Local Security Checks NASL id SOLARIS8_111313.NASL description SunOS 5.8: Viper Library Patch. Date this patch was last updated by Sun : May/22/07 last seen 2020-06-01 modified 2020-06-02 plugin id 13368 published 2004-07-12 reporter This script is Copyright (C) 2004-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/13368 title Solaris 8 (sparc) : 111313-06 code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text in this plugin was # extracted from the Oracle SunOS Patch Updates. # include("compat.inc"); if (description) { script_id(13368); script_version("1.33"); script_cvs_date("Date: 2019/10/25 13:36:24"); script_cve_id("CVE-2007-3093"); script_name(english:"Solaris 8 (sparc) : 111313-06"); script_summary(english:"Check for patch 111313-06"); script_set_attribute( attribute:"synopsis", value:"The remote host is missing Sun Security Patch number 111313-06" ); script_set_attribute( attribute:"description", value: "SunOS 5.8: Viper Library Patch. Date this patch was last updated by Sun : May/22/07" ); script_set_attribute( attribute:"see_also", value:"https://getupdates.oracle.com/readme/111313-06" ); script_set_attribute( attribute:"solution", value:"You should install this patch for your system to be up-to-date." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/o:sun:solaris"); script_set_attribute(attribute:"patch_publication_date", value:"2007/05/22"); script_set_attribute(attribute:"plugin_publication_date", value:"2004/07/12"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2004-2019 Tenable Network Security, Inc."); script_family(english:"Solaris Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Solaris/showrev"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("solaris.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (solaris_check_patch(release:"5.8", arch:"sparc", patch:"111313-06", obsoleted_by:"", package:"SUNWmc", version:"11.8,REV=2000.10.25.13.07") < 0) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:solaris_get_report()); else security_hole(0); exit(0); } audit(AUDIT_HOST_NOT, "affected");
NASL family Solaris Local Security Checks NASL id SOLARIS10_121308.NASL description SunOS 5.10: Solaris Management Console Pat. Date this patch was last updated by Sun : Apr/02/10 This plugin has been deprecated and either replaced with individual 121308 patch-revision plugins, or deemed non-security related. last seen 2019-02-21 modified 2018-07-30 plugin id 20273 published 2005-12-07 reporter Tenable source https://www.tenable.com/plugins/index.php?view=single&id=20273 title Solaris 10 (sparc) : 121308-20 (deprecated) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # @DEPRECATED@ # # Disabled on 2018/03/12. Deprecated and either replaced by # individual patch-revision plugins, or has been deemed a # non-security advisory. # include("compat.inc"); if (description) { script_id(20273); script_version("1.53"); script_cvs_date("Date: 2019/10/25 13:36:26"); script_cve_id("CVE-2005-3398", "CVE-2005-3498", "CVE-2007-3093", "CVE-2007-3094"); script_name(english:"Solaris 10 (sparc) : 121308-20 (deprecated)"); script_summary(english:"Check for patch 121308-20"); script_set_attribute( attribute:"synopsis", value:"This plugin has been deprecated." ); script_set_attribute( attribute:"description", value: "SunOS 5.10: Solaris Management Console Pat. Date this patch was last updated by Sun : Apr/02/10 This plugin has been deprecated and either replaced with individual 121308 patch-revision plugins, or deemed non-security related." ); script_set_attribute( attribute:"see_also", value:"https://getupdates.oracle.com/readme/121308-20" ); script_set_attribute( attribute:"solution", value:"n/a" ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"); script_cwe_id(200); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/o:sun:solaris"); script_set_attribute(attribute:"patch_publication_date", value:"2010/04/02"); script_set_attribute(attribute:"plugin_publication_date", value:"2005/12/07"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2005-2019 Tenable Network Security, Inc."); script_family(english:"Solaris Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Solaris/showrev"); exit(0); } exit(0, "This plugin has been deprecated. Consult specific patch-revision plugins for patch 121308 instead.");
NASL family Solaris Local Security Checks NASL id SOLARIS9_112945.NASL description SunOS 5.9: wbem Patch. Date this patch was last updated by Sun : Aug/01/07 last seen 2020-06-01 modified 2020-06-02 plugin id 16089 published 2005-01-03 reporter This script is Copyright (C) 2005-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/16089 title Solaris 9 (sparc) : 112945-46 NASL family Solaris Local Security Checks NASL id SOLARIS8_X86_111314.NASL description SunOS 5.8_x86: Viper Library Patch. Date this patch was last updated by Sun : May/22/07 last seen 2020-06-01 modified 2020-06-02 plugin id 13472 published 2004-07-12 reporter This script is Copyright (C) 2004-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/13472 title Solaris 8 (x86) : 111314-06 NASL family Solaris Local Security Checks NASL id SOLARIS9_X86_114193.NASL description SunOS 5.9_x86: wbem Patch. Date this patch was last updated by Sun : Aug/01/07 last seen 2020-06-01 modified 2020-06-02 plugin id 16091 published 2005-01-03 reporter This script is Copyright (C) 2005-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/16091 title Solaris 9 (x86) : 114193-36 NASL family Solaris Local Security Checks NASL id SOLARIS10_X86_121309.NASL description SunOS 5.10_x86: Solaris Management Console. Date this patch was last updated by Sun : Apr/02/10 This plugin has been deprecated and either replaced with individual 121309 patch-revision plugins, or deemed non-security related. last seen 2019-02-21 modified 2018-07-30 plugin id 20276 published 2005-12-07 reporter Tenable source https://www.tenable.com/plugins/index.php?view=single&id=20276 title Solaris 10 (x86) : 121309-20 (deprecated)
Oval
accepted | 2007-07-11T15:17:32.331-04:00 | ||||
class | vulnerability | ||||
contributors |
| ||||
description | Unspecified vulnerability in the logging mechanism in Solaris Management Console (SMC) on Sun Solaris 8 through 10 before 20070605 allows remote attackers to execute arbitrary code via unspecified vectors, related to the WBEM server. | ||||
family | unix | ||||
id | oval:org.mitre.oval:def:1680 | ||||
status | accepted | ||||
submitted | 2007-06-08T14:30:00.000-04:00 | ||||
title | Security Vulnerability in the Logging Mechanism for Solaris Management Console (SMC) May Lead to Escalation of Privileges | ||||
version | 35 |
References
- http://osvdb.org/36590
- http://osvdb.org/36590
- http://secunia.com/advisories/25566
- http://secunia.com/advisories/25566
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-102903-1
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-102903-1
- http://www.securityfocus.com/bid/24327
- http://www.securityfocus.com/bid/24327
- http://www.securitytracker.com/id?1018206
- http://www.securitytracker.com/id?1018206
- http://www.vupen.com/english/advisories/2007/2077
- http://www.vupen.com/english/advisories/2007/2077
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34734
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34734
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1680
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1680