Vulnerabilities > CVE-2007-6505 - Configuration vulnerability in SUN Solaris 9

047910
CVSS 3.5 - LOW
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
SINGLE
Confidentiality impact
PARTIAL
Integrity impact
NONE
Availability impact
NONE
network
sun
CWE-16
nessus

Summary

Solaris 9, with Solaris Auditing enabled and certain patches for sshd installed, can generate audit records with an audit-ID of 0 even when the user logging into ssh is not root, which makes it easier for attackers to avoid detection and can make it more difficult to conduct forensics activities.

Vulnerable Configurations

Part Description Count
OS
Sun
2

Common Weakness Enumeration (CWE)

Nessus

  • NASL familySolaris Local Security Checks
    NASL idSOLARIS9_122300.NASL
    descriptionSunOS 5.9: Kernel Patch. Date this patch was last updated by Sun : Nov/03/11
    last seen2020-06-01
    modified2020-06-02
    plugin id24858
    published2007-03-18
    reporterThis script is Copyright (C) 2007-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/24858
    titleSolaris 9 (sparc) : 122300-61
  • NASL familySolaris Local Security Checks
    NASL idSOLARIS9_X86_122301.NASL
    descriptionSunOS 5.9_x86: Kernel Patch. Date this patch was last updated by Sun : Nov/03/11
    last seen2020-06-01
    modified2020-06-02
    plugin id24861
    published2007-03-18
    reporterThis script is Copyright (C) 2007-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/24861
    titleSolaris 9 (x86) : 122301-61

Oval

accepted2008-02-25T04:00:10.579-05:00
classvulnerability
contributors
nameNicholas Hansen
organizationHewlett-Packard
definition_extensions
  • commentSolaris 9 (SPARC) is installed
    ovaloval:org.mitre.oval:def:1457
  • commentSolaris 9 (x86) is installed
    ovaloval:org.mitre.oval:def:1683
descriptionSolaris 9, with Solaris Auditing enabled and certain patches for sshd installed, can generate audit records with an audit-ID of 0 even when the user logging into ssh is not root, which makes it easier for attackers to avoid detection and can make it more difficult to conduct forensics activities.
familyunix
idoval:org.mitre.oval:def:5282
statusaccepted
submitted2008-01-09T07:41:42.000-05:00
titleSolaris 9 sshd(1M) Patches May Cause Incorrect Audit Data to be Logged
version36