Vulnerabilities > CVE-2007-5921 - Local Denial of Service vulnerability in Sun Solaris Volume Manager
Attack vector
LOCAL Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
COMPLETE Summary
Unspecified vulnerability in the ioctl interface in the Solaris Volume Manager (SVM) in Sun Solaris 9 and 10 allows local users to cause a denial of service (panic) via unspecified vectors, a different vulnerability than CVE-2004-1346.
Nessus
NASL family Solaris Local Security Checks NASL id SOLARIS9_116669.NASL description SunOS 5.9: md patch. Date this patch was last updated by Sun : Sep/29/11 last seen 2020-06-01 modified 2020-06-02 plugin id 28280 published 2007-11-20 reporter This script is Copyright (C) 2007-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/28280 title Solaris 9 (sparc) : 116669-40 code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text in this plugin was # extracted from the Oracle SunOS Patch Updates. # include("compat.inc"); if (description) { script_id(28280); script_version("1.23"); script_cvs_date("Date: 2019/10/25 13:36:27"); script_cve_id("CVE-2007-5921", "CVE-2008-1480"); script_name(english:"Solaris 9 (sparc) : 116669-40"); script_summary(english:"Check for patch 116669-40"); script_set_attribute( attribute:"synopsis", value:"The remote host is missing Sun Security Patch number 116669-40" ); script_set_attribute( attribute:"description", value: "SunOS 5.9: md patch. Date this patch was last updated by Sun : Sep/29/11" ); script_set_attribute( attribute:"see_also", value:"https://getupdates.oracle.com/readme/116669-40" ); script_set_attribute( attribute:"solution", value:"You should install this patch for your system to be up-to-date." ); script_set_cvss_base_vector("CVSS2#AV:L/AC:M/Au:N/C:N/I:N/A:C"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/o:sun:solaris"); script_set_attribute(attribute:"patch_publication_date", value:"2011/09/29"); script_set_attribute(attribute:"plugin_publication_date", value:"2007/11/20"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2007-2019 Tenable Network Security, Inc."); script_family(english:"Solaris Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Solaris/showrev"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("solaris.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (solaris_check_patch(release:"5.9", arch:"sparc", patch:"116669-40", obsoleted_by:"", package:"SUNWmdr", version:"11.9.0,REV=2002.04.06.15.27") < 0) flag++; if (solaris_check_patch(release:"5.9", arch:"sparc", patch:"116669-40", obsoleted_by:"", package:"SUNWhea", version:"11.9.0,REV=2002.04.06.15.27") < 0) flag++; if (solaris_check_patch(release:"5.9", arch:"sparc", patch:"116669-40", obsoleted_by:"", package:"SUNWmdu", version:"11.9.0,REV=2002.04.06.15.27") < 0) flag++; if (solaris_check_patch(release:"5.9", arch:"sparc", patch:"116669-40", obsoleted_by:"", package:"SUNWmdx", version:"11.9.0,REV=2002.04.06.15.27") < 0) flag++; if (solaris_check_patch(release:"5.9", arch:"sparc", patch:"116669-40", obsoleted_by:"", package:"SUNWmddr", version:"11.9.0,REV=2002.10.31.12.35") < 0) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:solaris_get_report()); else security_warning(0); exit(0); } audit(AUDIT_HOST_NOT, "affected");NASL family Solaris Local Security Checks NASL id SOLARIS10_X86_126257.NASL description SunOS 5.10_x86: rpc.metad patch. Date this patch was last updated by Sun : Feb/07/08 last seen 2018-09-02 modified 2018-08-13 plugin id 28279 published 2007-11-20 reporter Tenable source https://www.tenable.com/plugins/index.php?view=single&id=28279 title Solaris 10 (x86) : 126257-07 code #%NASL_MIN_LEVEL 80502 # @DEPRECATED@ # # This script has been deprecated as the associated patch is not # currently a recommended security fix. # # Disabled on 2011/09/17. # # (C) Tenable Network Security, Inc. # # if ( ! defined_func("bn_random") ) exit(0); include("compat.inc"); if(description) { script_id(28279); script_version("1.17"); script_name(english: "Solaris 10 (x86) : 126257-07"); script_cve_id("CVE-2007-5921"); script_set_attribute(attribute: "synopsis", value: "The remote host is missing Sun Security Patch number 126257-07"); script_set_attribute(attribute: "description", value: 'SunOS 5.10_x86: rpc.metad patch. Date this patch was last updated by Sun : Feb/07/08'); script_set_attribute(attribute: "solution", value: "You should install this patch for your system to be up-to-date."); script_set_attribute(attribute: "see_also", value: "https://getupdates.oracle.com/readme/126257-07"); script_set_attribute(attribute: "cvss_vector", value: "CVSS2#AV:L/AC:M/Au:N/C:N/I:N/A:C"); script_set_attribute(attribute:"plugin_publication_date", value: "2007/11/20"); script_cvs_date("Date: 2019/10/25 13:36:24"); script_end_attributes(); script_summary(english: "Check for patch 126257-07"); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2007-2019 Tenable Network Security, Inc."); family["english"] = "Solaris Local Security Checks"; script_family(english:family["english"]); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/Solaris/showrev"); exit(0); } # Deprecated. exit(0, "The associated patch is not currently a recommended security fix.");NASL family Solaris Local Security Checks NASL id SOLARIS9_X86_122371.NASL description SunOS 5.9_x86: md Patch. Date this patch was last updated by Sun : Sep/29/11 last seen 2020-06-01 modified 2020-06-02 plugin id 28281 published 2007-11-20 reporter This script is Copyright (C) 2007-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/28281 title Solaris 9 (x86) : 122371-15 code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text in this plugin was # extracted from the Oracle SunOS Patch Updates. # include("compat.inc"); if (description) { script_id(28281); script_version("1.22"); script_cvs_date("Date: 2019/10/25 13:36:27"); script_cve_id("CVE-2007-5921"); script_name(english:"Solaris 9 (x86) : 122371-15"); script_summary(english:"Check for patch 122371-15"); script_set_attribute( attribute:"synopsis", value:"The remote host is missing Sun Security Patch number 122371-15" ); script_set_attribute( attribute:"description", value: "SunOS 5.9_x86: md Patch. Date this patch was last updated by Sun : Sep/29/11" ); script_set_attribute( attribute:"see_also", value:"https://getupdates.oracle.com/readme/122371-15" ); script_set_attribute( attribute:"solution", value:"You should install this patch for your system to be up-to-date." ); script_set_cvss_base_vector("CVSS2#AV:L/AC:M/Au:N/C:N/I:N/A:C"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/o:sun:solaris"); script_set_attribute(attribute:"patch_publication_date", value:"2011/09/29"); script_set_attribute(attribute:"plugin_publication_date", value:"2007/11/20"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2007-2019 Tenable Network Security, Inc."); script_family(english:"Solaris Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Solaris/showrev"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("solaris.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (solaris_check_patch(release:"5.9_x86", arch:"i386", patch:"122371-15", obsoleted_by:"", package:"SUNWmdr", version:"11.9.0,REV=2002.11.04.02.51") < 0) flag++; if (solaris_check_patch(release:"5.9_x86", arch:"i386", patch:"122371-15", obsoleted_by:"", package:"SUNWmdu", version:"11.9.0,REV=2002.11.04.02.51") < 0) flag++; if (solaris_check_patch(release:"5.9_x86", arch:"i386", patch:"122371-15", obsoleted_by:"", package:"SUNWhea", version:"11.9.0,REV=2002.11.04.02.51") < 0) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:solaris_get_report()); else security_warning(0); exit(0); } audit(AUDIT_HOST_NOT, "affected");NASL family Solaris Local Security Checks NASL id SOLARIS10_124256.NASL description SunOS 5.10: md_mirror patch. Date this patch was last updated by Sun : Feb/29/08 last seen 2018-09-02 modified 2018-08-13 plugin id 28278 published 2007-11-20 reporter Tenable source https://www.tenable.com/plugins/index.php?view=single&id=28278 title Solaris 10 (sparc) : 124256-06 code #%NASL_MIN_LEVEL 80502 # @DEPRECATED@ # # This script has been deprecated as the associated patch is not # currently a recommended security fix. # # Disabled on 2011/09/17. # # (C) Tenable Network Security, Inc. # # if ( ! defined_func("bn_random") ) exit(0); include("compat.inc"); if(description) { script_id(28278); script_version("1.20"); script_name(english: "Solaris 10 (sparc) : 124256-06"); script_cve_id("CVE-2007-5921"); script_set_attribute(attribute: "synopsis", value: "The remote host is missing Sun Security Patch number 124256-06"); script_set_attribute(attribute: "description", value: 'SunOS 5.10: md_mirror patch. Date this patch was last updated by Sun : Feb/29/08'); script_set_attribute(attribute: "solution", value: "You should install this patch for your system to be up-to-date."); script_set_attribute(attribute: "see_also", value: "https://getupdates.oracle.com/readme/124256-06"); script_set_attribute(attribute: "cvss_vector", value: "CVSS2#AV:L/AC:M/Au:N/C:N/I:N/A:C"); script_set_attribute(attribute:"plugin_publication_date", value: "2007/11/20"); script_cvs_date("Date: 2019/10/25 13:36:23"); script_end_attributes(); script_summary(english: "Check for patch 124256-06"); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2007-2019 Tenable Network Security, Inc."); family["english"] = "Solaris Local Security Checks"; script_family(english:family["english"]); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/Solaris/showrev"); exit(0); } # Deprecated. exit(0, "The associated patch is not currently a recommended security fix.");
Oval
| accepted | 2007-12-24T04:05:42.679-05:00 | ||||||||||||||||
| class | vulnerability | ||||||||||||||||
| contributors |
| ||||||||||||||||
| definition_extensions |
| ||||||||||||||||
| description | Unspecified vulnerability in the ioctl interface in the Solaris Volume Manager (SVM) in Sun Solaris 9 and 10 allows local users to cause a denial of service (panic) via unspecified vectors, a different vulnerability than CVE-2004-1346. | ||||||||||||||||
| family | unix | ||||||||||||||||
| id | oval:org.mitre.oval:def:4095 | ||||||||||||||||
| status | accepted | ||||||||||||||||
| submitted | 2007-11-14T13:46:57.000-05:00 | ||||||||||||||||
| title | A Security Vulnerability in Solaris Volume Manager (SVM) May Allow a Denial of Service (DoS) | ||||||||||||||||
| version | 36 |
References
- http://osvdb.org/40817
- http://secunia.com/advisories/27519
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-103143-1
- http://sunsolve.sun.com/search/document.do?assetkey=1-66-200582-1
- http://www.securityfocus.com/bid/26376
- http://www.securitytracker.com/id?1018916
- http://www.vupen.com/english/advisories/2007/3804
- https://exchange.xforce.ibmcloud.com/vulnerabilities/38319
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4095