Vulnerabilities > CVE-2007-5225 - Numeric Errors vulnerability in SUN Sunos 5.10/5.8/5.9

047910
CVSS 4.9 - MEDIUM
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
COMPLETE
Integrity impact
NONE
Availability impact
NONE
local
low complexity
sun
CWE-189
nessus
exploit available

Summary

Integer signedness error in FIFO filesystems (named pipes) on Sun Solaris 8 through 10 allows local users to read the contents of unspecified memory locations via a negative maximum length value to the I_PEEK ioctl.

Vulnerable Configurations

Part Description Count
OS
Sun
3

Common Weakness Enumeration (CWE)

Exploit-Db

  • descriptionSolaris 8/9/10 fifofs I_PEEK Local Kernel memory Leak Exploit. CVE-2007-5225. Local exploit for solaris platform
    fileexploits/solaris/local/5227.c
    idEDB-ID:5227
    last seen2016-01-31
    modified2008-03-10
    platformsolaris
    port
    published2008-03-10
    reporterMarco Ivaldi
    sourcehttps://www.exploit-db.com/download/5227/
    titleSolaris 8/9/10 - fifofs I_PEEK Local Kernel Memory Leak Exploit
    typelocal
  • idEDB-ID:4516

Nessus

  • NASL familySolaris Local Security Checks
    NASL idSOLARIS9_X86_117472.NASL
    descriptionSunOS 5.9_x86: connld, fifofs, fifonode patch. Date this patch was last updated by Sun : Oct/02/07
    last seen2020-06-01
    modified2020-06-02
    plugin id27097
    published2007-10-17
    reporterThis script is Copyright (C) 2007-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/27097
    titleSolaris 9 (x86) : 117472-04
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text in this plugin was
    # extracted from the Oracle SunOS Patch Updates.
    #
    include("compat.inc");
    
    if (description)
    {
      script_id(27097);
      script_version("1.18");
      script_cvs_date("Date: 2019/10/25 13:36:24");
    
      script_cve_id("CVE-2007-5225");
    
      script_name(english:"Solaris 9 (x86) : 117472-04");
      script_summary(english:"Check for patch 117472-04");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote host is missing Sun Security Patch number 117472-04"
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "SunOS 5.9_x86: connld, fifofs, fifonode patch.
    Date this patch was last updated by Sun : Oct/02/07"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://download.oracle.com/sunalerts/1000506.1.html"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"You should install this patch for your system to be up-to-date."
      );
      script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:N/A:N");
      script_cwe_id(189);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:sun:solaris");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2007/10/02");
      script_set_attribute(attribute:"plugin_publication_date", value:"2007/10/17");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2007-2019 Tenable Network Security, Inc.");
      script_family(english:"Solaris Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/Solaris/showrev");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("solaris.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    
    if (solaris_check_patch(release:"5.9_x86", arch:"i386", patch:"117472-04", obsoleted_by:"", package:"SUNWhea", version:"11.9.0,REV=2002.11.04.02.51") < 0) flag++;
    if (solaris_check_patch(release:"5.9_x86", arch:"i386", patch:"117472-04", obsoleted_by:"", package:"SUNWcsu", version:"11.9.0,REV=2002.11.04.02.51") < 0) flag++;
    if (solaris_check_patch(release:"5.9_x86", arch:"i386", patch:"117472-04", obsoleted_by:"", package:"SUNWcsr", version:"11.9.0,REV=2002.11.04.02.51") < 0) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:solaris_get_report());
      else security_warning(0);
      exit(0);
    }
    audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familySolaris Local Security Checks
    NASL idSOLARIS10_127737.NASL
    descriptionSunOS 5.10: fifofs patch. Date this patch was last updated by Sun : Oct/02/07
    last seen2018-09-01
    modified2018-08-13
    plugin id26908
    published2007-10-03
    reporterTenable
    sourcehttps://www.tenable.com/plugins/index.php?view=single&id=26908
    titleSolaris 10 (sparc) : 127737-01
    code
    #%NASL_MIN_LEVEL 80502
    
    # @DEPRECATED@
    #
    # This script has been deprecated as the associated patch is not
    # currently a recommended security fix.
    #
    # Disabled on 2011/10/24.
    #
    
    #
    # (C) Tenable Network Security, Inc.
    #
    #
    
    if ( ! defined_func("bn_random") ) exit(0);
    include("compat.inc");
    
    if(description)
    {
     script_id(26908);
     script_version("1.24");
    
     script_name(english: "Solaris 10 (sparc) : 127737-01");
     script_cve_id("CVE-2007-5225");
     script_set_attribute(attribute: "synopsis", value:
    "The remote host is missing Sun Security Patch number 127737-01");
     script_set_attribute(attribute: "description", value:
    'SunOS 5.10: fifofs patch.
    Date this patch was last updated by Sun : Oct/02/07');
     script_set_attribute(attribute: "solution", value:
    "You should install this patch for your system to be up-to-date.");
     script_set_attribute(attribute: "see_also", value:
    "http://download.oracle.com/sunalerts/1000506.1.html");
     script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:N/A:N");
     script_cwe_id(189);
     script_set_attribute(attribute:"plugin_publication_date", value: "2007/10/03");
     script_cvs_date("Date: 2019/10/25 13:36:24");
     script_set_attribute(attribute:"patch_publication_date", value: "2007/10/02");
     script_set_attribute(attribute:"vuln_publication_date", value: "2007/10/02");
     script_end_attributes();
    
     script_summary(english: "Check for patch 127737-01");
     script_category(ACT_GATHER_INFO);
     script_copyright(english:"This script is Copyright (C) 2007-2019 Tenable Network Security, Inc.");
     family["english"] = "Solaris Local Security Checks";
     script_family(english:family["english"]);
     
     script_dependencies("ssh_get_info.nasl");
     script_require_keys("Host/Solaris/showrev");
     exit(0);
    }
    
    # Deprecated.
    exit(0, "The associated patch is not currently a recommended security fix.");
    
  • NASL familySolaris Local Security Checks
    NASL idSOLARIS10_X86_127738.NASL
    descriptionSunOS 5.10_x86: fifofs patch. Date this patch was last updated by Sun : Oct/02/07
    last seen2018-09-01
    modified2018-08-13
    plugin id27084
    published2007-10-17
    reporterTenable
    sourcehttps://www.tenable.com/plugins/index.php?view=single&id=27084
    titleSolaris 10 (x86) : 127738-01
    code
    #%NASL_MIN_LEVEL 80502
    
    # @DEPRECATED@
    #
    # This script has been deprecated as the associated patch is not
    # currently a recommended security fix.
    #
    # Disabled on 2011/10/24.
    #
    
    #
    # (C) Tenable Network Security, Inc.
    #
    #
    
    if ( ! defined_func("bn_random") ) exit(0);
    include("compat.inc");
    
    if(description)
    {
     script_id(27084);
     script_version("1.23");
    
     script_name(english: "Solaris 10 (x86) : 127738-01");
     script_cve_id("CVE-2007-5225");
     script_set_attribute(attribute: "synopsis", value:
    "The remote host is missing Sun Security Patch number 127738-01");
     script_set_attribute(attribute: "description", value:
    'SunOS 5.10_x86: fifofs patch.
    Date this patch was last updated by Sun : Oct/02/07');
     script_set_attribute(attribute: "solution", value:
    "You should install this patch for your system to be up-to-date.");
     script_set_attribute(attribute: "see_also", value:
    "http://download.oracle.com/sunalerts/1000506.1.html");
     script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:N/A:N");
     script_cwe_id(189);
     script_set_attribute(attribute:"plugin_publication_date", value: "2007/10/17");
     script_cvs_date("Date: 2019/10/25 13:36:24");
     script_set_attribute(attribute:"patch_publication_date", value: "2007/10/02");
     script_set_attribute(attribute:"vuln_publication_date", value: "2007/10/02");
     script_end_attributes();
    
     script_summary(english: "Check for patch 127738-01");
     script_category(ACT_GATHER_INFO);
     script_copyright(english:"This script is Copyright (C) 2007-2019 Tenable Network Security, Inc.");
     family["english"] = "Solaris Local Security Checks";
     script_family(english:family["english"]);
     
     script_dependencies("ssh_get_info.nasl");
     script_require_keys("Host/Solaris/showrev");
     exit(0);
    }
    
    # Deprecated.
    exit(0, "The associated patch is not currently a recommended security fix.");
    
  • NASL familySolaris Local Security Checks
    NASL idSOLARIS8_109454.NASL
    descriptionSunOS 5.8: connld, fifofs, fifonode patch. Date this patch was last updated by Sun : Oct/02/07
    last seen2020-06-01
    modified2020-06-02
    plugin id26909
    published2007-10-03
    reporterThis script is Copyright (C) 2007-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/26909
    titleSolaris 8 (sparc) : 109454-06
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text in this plugin was
    # extracted from the Oracle SunOS Patch Updates.
    #
    include("compat.inc");
    
    if (description)
    {
      script_id(26909);
      script_version("1.22");
      script_cvs_date("Date: 2019/10/25 13:36:24");
    
      script_cve_id("CVE-2007-5225");
    
      script_name(english:"Solaris 8 (sparc) : 109454-06");
      script_summary(english:"Check for patch 109454-06");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote host is missing Sun Security Patch number 109454-06"
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "SunOS 5.8: connld, fifofs, fifonode patch.
    Date this patch was last updated by Sun : Oct/02/07"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://download.oracle.com/sunalerts/1000506.1.html"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"You should install this patch for your system to be up-to-date."
      );
      script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:N/A:N");
      script_cwe_id(189);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:sun:solaris");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2007/10/02");
      script_set_attribute(attribute:"plugin_publication_date", value:"2007/10/03");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2007-2019 Tenable Network Security, Inc.");
      script_family(english:"Solaris Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/Solaris/showrev");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("solaris.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    
    if (solaris_check_patch(release:"5.8", arch:"sparc", patch:"109454-06", obsoleted_by:"", package:"SUNWhea", version:"11.8.0,REV=2000.01.08.18.12") < 0) flag++;
    if (solaris_check_patch(release:"5.8", arch:"sparc", patch:"109454-06", obsoleted_by:"", package:"SUNWcarx", version:"11.8.0,REV=2000.01.13.13.40") < 0) flag++;
    if (solaris_check_patch(release:"5.8", arch:"sparc", patch:"109454-06", obsoleted_by:"", package:"SUNWcsxu", version:"11.8.0,REV=2000.01.08.18.12") < 0) flag++;
    if (solaris_check_patch(release:"5.8", arch:"sparc", patch:"109454-06", obsoleted_by:"", package:"SUNWcsu", version:"11.8.0,REV=2000.01.08.18.12") < 0) flag++;
    if (solaris_check_patch(release:"5.8", arch:"sparc", patch:"109454-06", obsoleted_by:"", package:"SUNWcsr", version:"11.8.0,REV=2000.01.08.18.12") < 0) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:solaris_get_report());
      else security_warning(0);
      exit(0);
    }
    audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familySolaris Local Security Checks
    NASL idSOLARIS10_127737-01.NASL
    descriptionSunOS 5.10: fifofs patch. Date this patch was last updated by Sun : Oct/02/07
    last seen2020-06-01
    modified2020-06-02
    plugin id107464
    published2018-03-12
    reporterThis script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/107464
    titleSolaris 10 (sparc) : 127737-01
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text in this plugin was
    # extracted from the Oracle SunOS Patch Updates.
    #
    include("compat.inc");
    
    if (description)
    {
      script_id(107464);
      script_version("1.6");
      script_cvs_date("Date: 2019/10/25 13:36:23");
    
      script_cve_id("CVE-2007-5225");
    
      script_name(english:"Solaris 10 (sparc) : 127737-01");
      script_summary(english:"Check for patch 127737-01");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote host is missing Sun Security Patch number 127737-01"
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "SunOS 5.10: fifofs patch.
    Date this patch was last updated by Sun : Oct/02/07"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://download.oracle.com/sunalerts/1000506.1.html"
      );
      script_set_attribute(attribute:"solution", value:"Install patch 127737-01");
      script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:N/A:N");
      script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_cwe_id(189);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:solaris:10:127737");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:solaris:10");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2007/10/02");
      script_set_attribute(attribute:"plugin_publication_date", value:"2018/03/12");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Solaris Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/Solaris/showrev");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("misc_func.inc");
    include("solaris.inc");
    
    showrev = get_kb_item("Host/Solaris/showrev");
    if (empty_or_null(showrev)) audit(AUDIT_OS_NOT, "Solaris");
    os_ver = pregmatch(pattern:"Release: (\d+.(\d+))", string:showrev);
    if (empty_or_null(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Solaris");
    full_ver = os_ver[1];
    os_level = os_ver[2];
    if (full_ver != "5.10") audit(AUDIT_OS_NOT, "Solaris 10", "Solaris " + os_level);
    package_arch = pregmatch(pattern:"Application architecture: (\w+)", string:showrev);
    if (empty_or_null(package_arch)) audit(AUDIT_UNKNOWN_ARCH);
    package_arch = package_arch[1];
    if (package_arch != "sparc") audit(AUDIT_ARCH_NOT, "sparc", package_arch);
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    
    if (solaris_check_patch(release:"5.10", arch:"sparc", patch:"127737-01", obsoleted_by:"138373-02 144500-19 ", package:"SUNWckr", version:"11.10.0,REV=2005.01.21.15.53") < 0) flag++;
    
    if (flag) {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_WARNING,
        extra      : solaris_get_report()
      );
    } else {
      patch_fix = solaris_patch_fix_get();
      if (!empty_or_null(patch_fix)) audit(AUDIT_PATCH_INSTALLED, patch_fix, "Solaris 10");
      tested = solaris_pkg_tests_get();
      if (!empty_or_null(tested)) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      audit(AUDIT_PACKAGE_NOT_INSTALLED, "SUNWckr");
    }
    
  • NASL familySolaris Local Security Checks
    NASL idSOLARIS10_X86_127738-01.NASL
    descriptionSunOS 5.10_x86: fifofs patch. Date this patch was last updated by Sun : Oct/02/07
    last seen2020-06-01
    modified2020-06-02
    plugin id107963
    published2018-03-12
    reporterThis script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/107963
    titleSolaris 10 (x86) : 127738-01
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text in this plugin was
    # extracted from the Oracle SunOS Patch Updates.
    #
    include("compat.inc");
    
    if (description)
    {
      script_id(107963);
      script_version("1.6");
      script_cvs_date("Date: 2019/10/25 13:36:24");
    
      script_cve_id("CVE-2007-5225");
    
      script_name(english:"Solaris 10 (x86) : 127738-01");
      script_summary(english:"Check for patch 127738-01");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote host is missing Sun Security Patch number 127738-01"
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "SunOS 5.10_x86: fifofs patch.
    Date this patch was last updated by Sun : Oct/02/07"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://download.oracle.com/sunalerts/1000506.1.html"
      );
      script_set_attribute(attribute:"solution", value:"Install patch 127738-01");
      script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:N/A:N");
      script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_cwe_id(189);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:solaris:10:127738");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:solaris:10");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2007/10/02");
      script_set_attribute(attribute:"plugin_publication_date", value:"2018/03/12");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Solaris Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/Solaris/showrev");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("misc_func.inc");
    include("solaris.inc");
    
    showrev = get_kb_item("Host/Solaris/showrev");
    if (empty_or_null(showrev)) audit(AUDIT_OS_NOT, "Solaris");
    os_ver = pregmatch(pattern:"Release: (\d+.(\d+))", string:showrev);
    if (empty_or_null(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Solaris");
    full_ver = os_ver[1];
    os_level = os_ver[2];
    if (full_ver != "5.10") audit(AUDIT_OS_NOT, "Solaris 10", "Solaris " + os_level);
    package_arch = pregmatch(pattern:"Application architecture: (\w+)", string:showrev);
    if (empty_or_null(package_arch)) audit(AUDIT_UNKNOWN_ARCH);
    package_arch = package_arch[1];
    if (package_arch != "i386") audit(AUDIT_ARCH_NOT, "i386", package_arch);
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    
    if (solaris_check_patch(release:"5.10_x86", arch:"i386", patch:"127738-01", obsoleted_by:"144501-19 138374-02 ", package:"SUNWckr", version:"11.10.0,REV=2005.01.21.16.34") < 0) flag++;
    
    if (flag) {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_WARNING,
        extra      : solaris_get_report()
      );
    } else {
      patch_fix = solaris_patch_fix_get();
      if (!empty_or_null(patch_fix)) audit(AUDIT_PATCH_INSTALLED, patch_fix, "Solaris 10");
      tested = solaris_pkg_tests_get();
      if (!empty_or_null(tested)) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      audit(AUDIT_PACKAGE_NOT_INSTALLED, "SUNWckr");
    }
    
  • NASL familySolaris Local Security Checks
    NASL idSOLARIS8_X86_109455.NASL
    descriptionSunOS 5.8_x86: connld, fifofs, fifonode patch. Date this patch was last updated by Sun : Oct/02/07
    last seen2020-06-01
    modified2020-06-02
    plugin id27088
    published2007-10-17
    reporterThis script is Copyright (C) 2007-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/27088
    titleSolaris 8 (x86) : 109455-06
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text in this plugin was
    # extracted from the Oracle SunOS Patch Updates.
    #
    include("compat.inc");
    
    if (description)
    {
      script_id(27088);
      script_version("1.17");
      script_cvs_date("Date: 2019/10/25 13:36:24");
    
      script_cve_id("CVE-2007-5225");
    
      script_name(english:"Solaris 8 (x86) : 109455-06");
      script_summary(english:"Check for patch 109455-06");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote host is missing Sun Security Patch number 109455-06"
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "SunOS 5.8_x86: connld, fifofs, fifonode patch.
    Date this patch was last updated by Sun : Oct/02/07"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://download.oracle.com/sunalerts/1000506.1.html"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"You should install this patch for your system to be up-to-date."
      );
      script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:N/A:N");
      script_cwe_id(189);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:sun:solaris");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2007/10/02");
      script_set_attribute(attribute:"plugin_publication_date", value:"2007/10/17");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2007-2019 Tenable Network Security, Inc.");
      script_family(english:"Solaris Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/Solaris/showrev");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("solaris.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    
    if (solaris_check_patch(release:"5.8_x86", arch:"i386", patch:"109455-06", obsoleted_by:"", package:"SUNWhea", version:"11.8.0,REV=2000.01.08.18.17") < 0) flag++;
    if (solaris_check_patch(release:"5.8_x86", arch:"i386", patch:"109455-06", obsoleted_by:"", package:"SUNWcsu", version:"11.8.0,REV=2000.01.08.18.17") < 0) flag++;
    if (solaris_check_patch(release:"5.8_x86", arch:"i386", patch:"109455-06", obsoleted_by:"", package:"SUNWcsr", version:"11.8.0,REV=2000.01.08.18.17") < 0) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:solaris_get_report());
      else security_warning(0);
      exit(0);
    }
    audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familySolaris Local Security Checks
    NASL idSOLARIS9_117471.NASL
    descriptionSunOS 5.9: connld, fifofs, fifonode patch. Date this patch was last updated by Sun : Oct/02/07
    last seen2020-06-01
    modified2020-06-02
    plugin id26910
    published2007-10-03
    reporterThis script is Copyright (C) 2007-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/26910
    titleSolaris 9 (sparc) : 117471-04
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text in this plugin was
    # extracted from the Oracle SunOS Patch Updates.
    #
    include("compat.inc");
    
    if (description)
    {
      script_id(26910);
      script_version("1.18");
      script_cvs_date("Date: 2019/10/25 13:36:24");
    
      script_cve_id("CVE-2007-5225");
    
      script_name(english:"Solaris 9 (sparc) : 117471-04");
      script_summary(english:"Check for patch 117471-04");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote host is missing Sun Security Patch number 117471-04"
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "SunOS 5.9: connld, fifofs, fifonode patch.
    Date this patch was last updated by Sun : Oct/02/07"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://download.oracle.com/sunalerts/1000506.1.html"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"You should install this patch for your system to be up-to-date."
      );
      script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:N/A:N");
      script_cwe_id(189);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:sun:solaris");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2007/10/02");
      script_set_attribute(attribute:"plugin_publication_date", value:"2007/10/03");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2007-2019 Tenable Network Security, Inc.");
      script_family(english:"Solaris Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/Solaris/showrev");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("solaris.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    
    if (solaris_check_patch(release:"5.9", arch:"sparc", patch:"117471-04", obsoleted_by:"", package:"SUNWhea", version:"11.9.0,REV=2002.04.06.15.27") < 0) flag++;
    if (solaris_check_patch(release:"5.9", arch:"sparc", patch:"117471-04", obsoleted_by:"", package:"SUNWcarx", version:"11.9.0,REV=2002.04.09.12.25") < 0) flag++;
    if (solaris_check_patch(release:"5.9", arch:"sparc", patch:"117471-04", obsoleted_by:"", package:"SUNWcsxu", version:"11.9.0,REV=2002.04.06.15.27") < 0) flag++;
    if (solaris_check_patch(release:"5.9", arch:"sparc", patch:"117471-04", obsoleted_by:"", package:"SUNWcsu", version:"11.9.0,REV=2002.04.06.15.27") < 0) flag++;
    if (solaris_check_patch(release:"5.9", arch:"sparc", patch:"117471-04", obsoleted_by:"", package:"SUNWcsr", version:"11.9.0,REV=2002.04.06.15.27") < 0) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:solaris_get_report());
      else security_warning(0);
      exit(0);
    }
    audit(AUDIT_HOST_NOT, "affected");
    

Oval

accepted2007-11-13T12:01:06.734-05:00
classvulnerability
contributors
nameNicholas Hansen
organizationOpsware, Inc.
definition_extensions
  • commentSolaris 8 (SPARC) is installed
    ovaloval:org.mitre.oval:def:1539
  • commentSolaris 9 (SPARC) is installed
    ovaloval:org.mitre.oval:def:1457
  • commentSolaris 10 (SPARC) is installed
    ovaloval:org.mitre.oval:def:1440
  • commentSolaris 8 (x86) is installed
    ovaloval:org.mitre.oval:def:2059
  • commentSolaris 9 (x86) is installed
    ovaloval:org.mitre.oval:def:1683
  • commentSolaris 10 (x86) is installed
    ovaloval:org.mitre.oval:def:1926
descriptionInteger signedness error in FIFO filesystems (named pipes) on Sun Solaris 8 through 10 allows local users to read the contents of unspecified memory locations via a negative maximum length value to the I_PEEK ioctl.
familyunix
idoval:org.mitre.oval:def:2170
statusaccepted
submitted2007-10-10T07:52:08.000-04:00
titleSecurity Vulnerability in Solaris Named Pipes (pipe(2)) May Allow Unauthorized Data Access
version35

Packetstorm

data sourcehttps://packetstormsecurity.com/files/download/64468/solaris-memleak.txt
idPACKETSTORM:64468
last seen2016-12-05
published2008-03-13
reporterMarco Ivaldi
sourcehttps://packetstormsecurity.com/files/64468/solaris-memleak.txt.html
titlesolaris-memleak.txt

Seebug

  • bulletinFamilyexploit
    descriptionNo description provided by source.
    idSSV:7976
    last seen2017-11-19
    modified2008-03-11
    published2008-03-11
    reporterRoot
    sourcehttps://www.seebug.org/vuldb/ssvid-7976
    titleSolaris 8/9/10 fifofs I_PEEK Local Kernel memory Leak Exploit
  • bulletinFamilyexploit
    descriptionNo description provided by source.
    idSSV:65240
    last seen2017-11-19
    modified2014-07-01
    published2014-07-01
    reporterRoot
    sourcehttps://www.seebug.org/vuldb/ssvid-65240
    titleSolaris 8/9/10 - fifofs I_PEEK Local Kernel Memory Leak Exploit
  • bulletinFamilyexploit
    descriptionBUGTRAQ ID: 25905 CVE(CAN) ID: CVE-2007-5225 Solaris是一款由Sun开发和维护的商业性质UNIX操作系统。 Solaris内核的FIFO实现上存在漏洞,本地攻击者可能利用此漏洞获取内核的敏感信息。 Solaris中的FIFO内核ioctl()处理器存在安全漏洞,该处理器使用I_PEEK ioctl读取FIFO中的一些字节,但没有将这些字节从队列中删除。该命令中的一个参数代表所要读取的字节数,而该参数为整型整数值。由于没有正确地验证这个参数,因此负值就可以导致泄露大量的内核内存内容。 Sun Solaris 9.0 Sun Solaris 8.0 Sun Solaris 10.0 Sun已经为此发布了一个安全公告(Sun-Alert-103061)以及相应补丁: Sun-Alert-103061:Security Vulnerability in Solaris Named Pipes (pipe(2)) May Allow Unauthorized Data Access 链接:<a href="http://sunsolve.sun.com/search/printfriendly.do?assetkey=1-26-103061-1" target="_blank">http://sunsolve.sun.com/search/printfriendly.do?assetkey=1-26-103061-1</a>
    idSSV:2274
    last seen2017-11-19
    modified2007-10-09
    published2007-10-09
    reporterRoot
    titleSun Solaris I_PEEK IOCTL处理器本地信息泄露漏洞