Vulnerabilities > CVE-2007-4395 - Remote Privilege Escalation vulnerability in SUN Sunos 5.8

CVSS 7.6 - HIGH

Attack vector

NETWORK

Attack complexity

HIGH

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

network

high complexity

sun

NVD

Published: 2007-08-17

Updated: 2018-10-30

Summary

Multiple unspecified vulnerabilities in the Role Based Access Control (RBAC) functionality in Sun Solaris 8 allow remote attackers who know the password for a role to gain privileges via that role. Successful exploitation requires that the attacker knows the password for certain affected roles.

Vulnerable Configurations

Part	Description	Count
OS	Sun SUN Sunos 5.8	1

Oval

accepted

2007-09-27T08:57:42.671-04:00

class

vulnerability

contributors

name	Pai Peng
organization	Opsware, Inc.

definition_extensions

comment Solaris 8 (SPARC) is installed
oval oval:org.mitre.oval:def:1539
comment Solaris 8 (x86) is installed
oval oval:org.mitre.oval:def:2059

description

Multiple unspecified vulnerabilities in the Role Based Access Control (RBAC) functionality in Sun Solaris 8 allow remote attackers who know the password for a role to gain privileges via that role.

family

unix

oval:org.mitre.oval:def:1941

status

accepted

submitted

2007-08-21T07:46:29.000-04:00

title

Two Security Vulnerabilities in Solaris 8 Role Based Access Control (rbac(5)) may Allow Unauthorized Remote Access

version

Summary

Vulnerable Configurations

Oval

References