Vulnerabilities > CVE-2007-4395 - Remote Privilege Escalation vulnerability in SUN Sunos 5.8
Attack vector
NETWORK Attack complexity
HIGH Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Multiple unspecified vulnerabilities in the Role Based Access Control (RBAC) functionality in Sun Solaris 8 allow remote attackers who know the password for a role to gain privileges via that role. Successful exploitation requires that the attacker knows the password for certain affected roles.
Oval
accepted | 2007-09-27T08:57:42.671-04:00 | ||||||||
class | vulnerability | ||||||||
contributors |
| ||||||||
definition_extensions |
| ||||||||
description | Multiple unspecified vulnerabilities in the Role Based Access Control (RBAC) functionality in Sun Solaris 8 allow remote attackers who know the password for a role to gain privileges via that role. | ||||||||
family | unix | ||||||||
id | oval:org.mitre.oval:def:1941 | ||||||||
status | accepted | ||||||||
submitted | 2007-08-21T07:46:29.000-04:00 | ||||||||
title | Two Security Vulnerabilities in Solaris 8 Role Based Access Control (rbac(5)) may Allow Unauthorized Remote Access | ||||||||
version | 35 |
References
- http://osvdb.org/36614
- http://secunia.com/advisories/26494
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-103029-1
- http://www.securityfocus.com/bid/25353
- http://www.securitytracker.com/id?1018582
- http://www.vupen.com/english/advisories/2007/2916
- https://exchange.xforce.ibmcloud.com/vulnerabilities/36080
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1941