Vulnerabilities > CVE-2007-3094 - Unspecified vulnerability in SUN Solaris and Sunos
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN sun
nessus
Summary
Unspecified vulnerability in the authentication mechanism in Solaris Management Console (SMC) on Sun Solaris 8 through 10 before 20070605 allows remote authenticated users to execute arbitrary code via unspecified vectors, related to the WBEM server.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| OS | 6 |
Nessus
NASL family Solaris Local Security Checks NASL id SOLARIS10_121308.NASL description SunOS 5.10: Solaris Management Console Pat. Date this patch was last updated by Sun : Apr/02/10 This plugin has been deprecated and either replaced with individual 121308 patch-revision plugins, or deemed non-security related. last seen 2019-02-21 modified 2018-07-30 plugin id 20273 published 2005-12-07 reporter Tenable source https://www.tenable.com/plugins/index.php?view=single&id=20273 title Solaris 10 (sparc) : 121308-20 (deprecated) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # @DEPRECATED@ # # Disabled on 2018/03/12. Deprecated and either replaced by # individual patch-revision plugins, or has been deemed a # non-security advisory. # include("compat.inc"); if (description) { script_id(20273); script_version("1.53"); script_cvs_date("Date: 2019/10/25 13:36:26"); script_cve_id("CVE-2005-3398", "CVE-2005-3498", "CVE-2007-3093", "CVE-2007-3094"); script_name(english:"Solaris 10 (sparc) : 121308-20 (deprecated)"); script_summary(english:"Check for patch 121308-20"); script_set_attribute( attribute:"synopsis", value:"This plugin has been deprecated." ); script_set_attribute( attribute:"description", value: "SunOS 5.10: Solaris Management Console Pat. Date this patch was last updated by Sun : Apr/02/10 This plugin has been deprecated and either replaced with individual 121308 patch-revision plugins, or deemed non-security related." ); script_set_attribute( attribute:"see_also", value:"https://getupdates.oracle.com/readme/121308-20" ); script_set_attribute( attribute:"solution", value:"n/a" ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"); script_cwe_id(200); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/o:sun:solaris"); script_set_attribute(attribute:"patch_publication_date", value:"2010/04/02"); script_set_attribute(attribute:"plugin_publication_date", value:"2005/12/07"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2005-2019 Tenable Network Security, Inc."); script_family(english:"Solaris Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Solaris/showrev"); exit(0); } exit(0, "This plugin has been deprecated. Consult specific patch-revision plugins for patch 121308 instead.");NASL family Solaris Local Security Checks NASL id SOLARIS9_112945.NASL description SunOS 5.9: wbem Patch. Date this patch was last updated by Sun : Aug/01/07 last seen 2020-06-01 modified 2020-06-02 plugin id 16089 published 2005-01-03 reporter This script is Copyright (C) 2005-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/16089 title Solaris 9 (sparc) : 112945-46 NASL family Solaris Local Security Checks NASL id SOLARIS9_X86_114193.NASL description SunOS 5.9_x86: wbem Patch. Date this patch was last updated by Sun : Aug/01/07 last seen 2020-06-01 modified 2020-06-02 plugin id 16091 published 2005-01-03 reporter This script is Copyright (C) 2005-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/16091 title Solaris 9 (x86) : 114193-36 NASL family Solaris Local Security Checks NASL id SOLARIS10_X86_121309.NASL description SunOS 5.10_x86: Solaris Management Console. Date this patch was last updated by Sun : Apr/02/10 This plugin has been deprecated and either replaced with individual 121309 patch-revision plugins, or deemed non-security related. last seen 2019-02-21 modified 2018-07-30 plugin id 20276 published 2005-12-07 reporter Tenable source https://www.tenable.com/plugins/index.php?view=single&id=20276 title Solaris 10 (x86) : 121309-20 (deprecated)
Oval
| accepted | 2007-07-11T15:17:31.878-04:00 | ||||
| class | vulnerability | ||||
| contributors |
| ||||
| description | Unspecified vulnerability in the authentication mechanism in Solaris Management Console (SMC) on Sun Solaris 8 through 10 before 20070605 allows remote authenticated users to execute arbitrary code via unspecified vectors, related to the WBEM server. | ||||
| family | unix | ||||
| id | oval:org.mitre.oval:def:1341 | ||||
| status | accepted | ||||
| submitted | 2007-06-08T14:30:00.000-04:00 | ||||
| title | Security Vulnerability in the Authentication Mechanism for Solaris Management Console (SMC) May Lead to Escalation of Privileges | ||||
| version | 35 |
References
- http://osvdb.org/36591
- http://osvdb.org/36591
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-102902-1
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-102902-1
- http://www.securityfocus.com/bid/24326
- http://www.securityfocus.com/bid/24326
- http://www.securitytracker.com/id?1018205
- http://www.securitytracker.com/id?1018205
- http://www.vupen.com/english/advisories/2007/2076
- http://www.vupen.com/english/advisories/2007/2076
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34735
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34735
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1341
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1341