Vulnerabilities > CVE-2008-1480 - Remote Denial of Service vulnerability in Sun Solaris 'rpc.metad'
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
PARTIAL Summary
rpc.metad in Sun Solaris 10 allows remote attackers to cause a denial of service (daemon crash) via a malformed RPC request.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| OS | 2 |
Exploit-Db
| description | SunOS 5.10 Sun Cluster rpc.metad Denial of Service PoC. CVE-2008-1480. Dos exploit for solaris platform |
| file | exploits/solaris/dos/5258.c |
| id | EDB-ID:5258 |
| last seen | 2016-01-31 |
| modified | 2008-03-14 |
| platform | solaris |
| port | |
| published | 2008-03-14 |
| reporter | kingcope |
| source | https://www.exploit-db.com/download/5258/ |
| title | SunOS 5.10 Sun Cluster rpc.metad Denial of Service PoC |
| type | dos |
Nessus
NASL family Solaris Local Security Checks NASL id SOLARIS9_116669.NASL description SunOS 5.9: md patch. Date this patch was last updated by Sun : Sep/29/11 last seen 2020-06-01 modified 2020-06-02 plugin id 28280 published 2007-11-20 reporter This script is Copyright (C) 2007-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/28280 title Solaris 9 (sparc) : 116669-40 code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text in this plugin was # extracted from the Oracle SunOS Patch Updates. # include("compat.inc"); if (description) { script_id(28280); script_version("1.23"); script_cvs_date("Date: 2019/10/25 13:36:27"); script_cve_id("CVE-2007-5921", "CVE-2008-1480"); script_name(english:"Solaris 9 (sparc) : 116669-40"); script_summary(english:"Check for patch 116669-40"); script_set_attribute( attribute:"synopsis", value:"The remote host is missing Sun Security Patch number 116669-40" ); script_set_attribute( attribute:"description", value: "SunOS 5.9: md patch. Date this patch was last updated by Sun : Sep/29/11" ); script_set_attribute( attribute:"see_also", value:"https://getupdates.oracle.com/readme/116669-40" ); script_set_attribute( attribute:"solution", value:"You should install this patch for your system to be up-to-date." ); script_set_cvss_base_vector("CVSS2#AV:L/AC:M/Au:N/C:N/I:N/A:C"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/o:sun:solaris"); script_set_attribute(attribute:"patch_publication_date", value:"2011/09/29"); script_set_attribute(attribute:"plugin_publication_date", value:"2007/11/20"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2007-2019 Tenable Network Security, Inc."); script_family(english:"Solaris Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Solaris/showrev"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("solaris.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (solaris_check_patch(release:"5.9", arch:"sparc", patch:"116669-40", obsoleted_by:"", package:"SUNWmdr", version:"11.9.0,REV=2002.04.06.15.27") < 0) flag++; if (solaris_check_patch(release:"5.9", arch:"sparc", patch:"116669-40", obsoleted_by:"", package:"SUNWhea", version:"11.9.0,REV=2002.04.06.15.27") < 0) flag++; if (solaris_check_patch(release:"5.9", arch:"sparc", patch:"116669-40", obsoleted_by:"", package:"SUNWmdu", version:"11.9.0,REV=2002.04.06.15.27") < 0) flag++; if (solaris_check_patch(release:"5.9", arch:"sparc", patch:"116669-40", obsoleted_by:"", package:"SUNWmdx", version:"11.9.0,REV=2002.04.06.15.27") < 0) flag++; if (solaris_check_patch(release:"5.9", arch:"sparc", patch:"116669-40", obsoleted_by:"", package:"SUNWmddr", version:"11.9.0,REV=2002.10.31.12.35") < 0) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:solaris_get_report()); else security_warning(0); exit(0); } audit(AUDIT_HOST_NOT, "affected");NASL family Solaris Local Security Checks NASL id SOLARIS9_X86_138574.NASL description SunOS 5.9_x86: usr/sbin/rpc.metad patch. Date this patch was last updated by Sun : Jan/07/09 last seen 2020-06-01 modified 2020-06-02 plugin id 35422 published 2009-01-19 reporter This script is Copyright (C) 2009-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/35422 title Solaris 9 (x86) : 138574-01 code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text in this plugin was # extracted from the Oracle SunOS Patch Updates. # include("compat.inc"); if (description) { script_id(35422); script_version("1.11"); script_cvs_date("Date: 2019/10/25 13:36:26"); script_cve_id("CVE-2008-1480"); script_name(english:"Solaris 9 (x86) : 138574-01"); script_summary(english:"Check for patch 138574-01"); script_set_attribute( attribute:"synopsis", value:"The remote host is missing Sun Security Patch number 138574-01" ); script_set_attribute( attribute:"description", value: "SunOS 5.9_x86: usr/sbin/rpc.metad patch. Date this patch was last updated by Sun : Jan/07/09" ); script_set_attribute( attribute:"see_also", value:"https://getupdates.oracle.com/readme/138574-01" ); script_set_attribute( attribute:"solution", value:"You should install this patch for your system to be up-to-date." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/o:sun:solaris"); script_set_attribute(attribute:"patch_publication_date", value:"2009/01/07"); script_set_attribute(attribute:"plugin_publication_date", value:"2009/01/19"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc."); script_family(english:"Solaris Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Solaris/showrev"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("solaris.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (solaris_check_patch(release:"5.9_x86", arch:"i386", patch:"138574-01", obsoleted_by:"", package:"SUNWmdu", version:"11.9.0,REV=2002.11.04.02.51") < 0) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:solaris_get_report()); else security_warning(0); exit(0); } audit(AUDIT_HOST_NOT, "affected");NASL family Solaris Local Security Checks NASL id SOLARIS10_138632.NASL description SunOS 5.10: SUNW_md_link.so patch. Date this patch was last updated by Sun : Jan/07/09 last seen 2018-09-01 modified 2018-08-13 plugin id 35410 published 2009-01-19 reporter Tenable source https://www.tenable.com/plugins/index.php?view=single&id=35410 title Solaris 10 (sparc) : 138632-03 NASL family Solaris Local Security Checks NASL id SOLARIS10_X86_138882.NASL description SunOS 5.10_x86: SUNW_md_link.so patch. Date this patch was last updated by Sun : Jan/07/09 last seen 2018-09-01 modified 2018-08-13 plugin id 35416 published 2009-01-19 reporter Tenable source https://www.tenable.com/plugins/index.php?view=single&id=35416 title Solaris 10 (x86) : 138882-02
Oval
| accepted | 2009-06-15T04:00:46.835-04:00 | ||||||||||||||||
| class | vulnerability | ||||||||||||||||
| contributors |
| ||||||||||||||||
| definition_extensions |
| ||||||||||||||||
| description | rpc.metad in Sun Solaris 10 allows remote attackers to cause a denial of service (daemon crash) via a malformed RPC request. | ||||||||||||||||
| family | unix | ||||||||||||||||
| id | oval:org.mitre.oval:def:5698 | ||||||||||||||||
| status | accepted | ||||||||||||||||
| submitted | 2009-05-06T17:15:10.000-04:00 | ||||||||||||||||
| title | The Solaris rpc.metad(1M) Daemon is Vulnerable to a Denial of Service (DoS) Attack | ||||||||||||||||
| version | 35 |
Seebug
| bulletinFamily | exploit |
| description | BUGTRAQ ID: 28261 CVE(CAN) ID: CVE-2008-1480 Solaris是一款由Sun开发和维护的商业性质UNIX操作系统。 如果远程攻击者向Solaris提交了恶意RPC请求的话,就会导致rpc.metad(1M)崩溃,服务和Solaris卷标管理器(SVM)命令会失效,这是一种拒绝服务。 Sun Solaris 9.0_x86 Sun Solaris 9.0 Sun Solaris 10.0_x86 Sun Solaris 10.0 Sun OpenSolaris snv_01 - snv_95 Sun Solstice Disk Suite 4.2.1 厂商补丁: Sun --- Sun已经为此发布了一个安全公告(Sun-Alert-249146)以及相应补丁: Sun-Alert-249146:The Solaris rpc.metad(1M) Daemon is Vulnerable to a Denial of Service (DoS) Attack 链接:<a href=http://sunsolve.sun.com/search/printfriendly.do?assetkey=1-66-249146-1 target=_blank rel=external nofollow>http://sunsolve.sun.com/search/printfriendly.do?assetkey=1-66-249146-1</a> |
| id | SSV:4653 |
| last seen | 2017-11-19 |
| modified | 2009-01-12 |
| published | 2009-01-12 |
| reporter | Root |
| source | https://www.seebug.org/vuldb/ssvid-4653 |
| title | Sun Solaris rpc.metad远程拒绝服务漏洞 |
References
- http://secunia.com/advisories/29418
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-249146-1
- http://support.avaya.com/elmodocs2/security/ASA-2009-015.htm
- http://www.securityfocus.com/bid/28261
- http://www.securitytracker.com/id?1019652
- http://www.vupen.com/english/advisories/2008/0918/references
- http://www.vupen.com/english/advisories/2009/0206
- https://exchange.xforce.ibmcloud.com/vulnerabilities/41224
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5698
- https://www.exploit-db.com/exploits/5258