Vulnerabilities > CVE-2007-3723 - Denial-Of-Service vulnerability in Sun Solaris

CVSS 2.1 - LOW

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

local

low complexity

sun

NVD

Published: 2007-07-12

Updated: 2008-11-15

Summary

The process scheduler in the Sun Solaris kernel does not make use of the process statistics kept by the kernel and performs scheduling based upon CPU billing gathered from periodic process sampling ticks, which allows local users to cause a denial of service (CPU consumption), as described in "Secretly Monopolizing the CPU Without Superuser Privileges."

Vulnerable Configurations

Part	Description	Count
OS	Sun SUN Solaris *	1

References

http://osvdb.org/36616
http://www.cs.huji.ac.il/~dants/papers/Cheat07Security.pdf