Vulnerabilities > CVE-2008-4160 - Resource Management Errors vulnerability in SUN Opensolaris and Solaris

CVSS 4.7 - MEDIUM

Attack vector

LOCAL

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

COMPLETE

local

sun

CWE-399

nessus

NVD

Published: 2008-09-22

Updated: 2017-09-29

Summary

Unspecified vulnerability in the UFS module in Sun Solaris 8 through 10 and OpenSolaris allows local users to cause a denial of service (NULL pointer dereference and kernel panic) via unknown vectors related to the Solaris Access Control List (ACL) implementation.

Vulnerable Configurations

Part	Description	Count
OS	Sun SUN Opensolaris Snv_01 SUN Opensolaris Snv_02 SUN Opensolaris Snv_03 SUN Opensolaris Snv_04 SUN Opensolaris Snv_05 SUN Opensolaris Snv_06 SUN Opensolaris Snv_07 SUN Opensolaris Snv_08 SUN Opensolaris Snv_09 SUN Opensolaris Snv_10 SUN Opensolaris Snv_11 SUN Opensolaris Snv_12 SUN Opensolaris Snv_13 SUN Opensolaris Snv_14 SUN Opensolaris Snv_15 SUN Opensolaris Snv_16 SUN Opensolaris Snv_17 SUN Opensolaris Snv_18 SUN Opensolaris Snv_19 SUN Opensolaris Snv_20 SUN Opensolaris Snv_21 SUN Opensolaris Snv_23 SUN Opensolaris Snv_24 SUN Opensolaris Snv_25 SUN Opensolaris Snv_26 SUN Opensolaris Snv_27 SUN Opensolaris Snv_28 SUN Opensolaris Snv_29 SUN Opensolaris Snv_30 SUN Opensolaris Snv_31 SUN Opensolaris Snv_32 SUN Opensolaris Snv_33 SUN Opensolaris Snv_34 SUN Opensolaris Snv_35 SUN Opensolaris Snv_36 SUN Opensolaris Snv_37 SUN Opensolaris Snv_38 SUN Opensolaris Snv_39 SUN Opensolaris Snv_41 SUN Opensolaris Snv_42 SUN Opensolaris Snv_43 SUN Opensolaris Snv_44 SUN Opensolaris Snv_45 SUN Opensolaris Snv_46 SUN Opensolaris Snv_47 SUN Opensolaris Snv_48 SUN Opensolaris Snv_49 SUN Opensolaris Snv_50 SUN Opensolaris Snv_51 SUN Opensolaris Snv_52 SUN Opensolaris Snv_53 SUN Opensolaris Snv_54 SUN Opensolaris Snv_55 SUN Opensolaris Snv_56 SUN Opensolaris Snv_57 SUN Opensolaris Snv_58 SUN Opensolaris Snv_59 SUN Opensolaris Snv_60 SUN Opensolaris Snv_61 SUN Opensolaris Snv_62 SUN Opensolaris Snv_63 SUN Opensolaris Snv_64 SUN Opensolaris Snv_65 SUN Opensolaris Snv_66 SUN Opensolaris Snv_67 SUN Opensolaris Snv_68 SUN Opensolaris Snv_69 SUN Opensolaris Snv_70 SUN Opensolaris Snv_71 SUN Opensolaris Snv_72 SUN Opensolaris Snv_73 SUN Opensolaris Snv_74 SUN Opensolaris Snv_75 SUN Opensolaris Snv_76 SUN Opensolaris Snv_77 SUN Opensolaris Snv_78 SUN Opensolaris Snv_79 SUN Opensolaris Snv_81 SUN Opensolaris Snv_82 SUN Opensolaris Snv_83 SUN Opensolaris Snv_84 SUN Opensolaris Snv_85 SUN Opensolaris Snv_86 SUN Opensolaris Snv_87 SUN Opensolaris Snv_22 SUN Opensolaris Snv_40 SUN Opensolaris Snv_80 SUN Solaris 8 SUN Solaris 9 SUN Solaris 10	177

Common Weakness Enumeration (CWE)

CWE-399 - Resource Management Errors

Nessus

NASL family	Solaris Local Security Checks
NASL id	SOLARIS9_122300.NASL
description	SunOS 5.9: Kernel Patch. Date this patch was last updated by Sun : Nov/03/11
last seen	2020-06-01
modified	2020-06-02
plugin id	24858
published	2007-03-18
reporter	This script is Copyright (C) 2007-2019 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/24858
title	Solaris 9 (sparc) : 122300-61

NASL family	Solaris Local Security Checks
NASL id	SOLARIS10_X86_139484.NASL
description	SunOS 5.10_x86: ufs patch. Date this patch was last updated by Sun : Mar/12/09
last seen	2018-09-01
modified	2018-08-13
plugin id	35214
published	2008-12-17
reporter	Tenable
source	https://www.tenable.com/plugins/index.php?view=single&id=35214
title	Solaris 10 (x86) : 139484-05

NASL family	Solaris Local Security Checks
NASL id	SOLARIS8_X86_117351.NASL
description	SunOS 5.8_x86: kernel patch. Date this patch was last updated by Sun : Mar/09/09
last seen	2020-06-01
modified	2020-06-02
plugin id	20947
published	2006-02-19
reporter	This script is Copyright (C) 2006-2019 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/20947
title	Solaris 8 (x86) : 117351-61

NASL family	Solaris Local Security Checks
NASL id	SOLARIS8_117350.NASL
description	SunOS 5.8: kernel patch. Date this patch was last updated by Sun : Apr/21/09
last seen	2020-06-01
modified	2020-06-02
plugin id	20945
published	2006-02-19
reporter	This script is Copyright (C) 2006-2019 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/20945
title	Solaris 8 (sparc) : 117350-62

NASL family	Solaris Local Security Checks
NASL id	SOLARIS9_X86_122301.NASL
description	SunOS 5.9_x86: Kernel Patch. Date this patch was last updated by Sun : Nov/03/11
last seen	2020-06-01
modified	2020-06-02
plugin id	24861
published	2007-03-18
reporter	This script is Copyright (C) 2007-2019 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/24861
title	Solaris 9 (x86) : 122301-61

NASL family	Solaris Local Security Checks
NASL id	SOLARIS10_139483.NASL
description	SunOS 5.10: ufs patch. Date this patch was last updated by Sun : Mar/12/09
last seen	2018-09-01
modified	2018-08-13
plugin id	35203
published	2008-12-17
reporter	Tenable
source	https://www.tenable.com/plugins/index.php?view=single&id=35203
title	Solaris 10 (sparc) : 139483-05

Oval

accepted

2009-09-28T04:00:06.168-04:00

class

vulnerability

contributors

name	Pai Peng
organization	Hewlett-Packard

definition_extensions

comment Solaris 8 (SPARC) is installed
oval oval:org.mitre.oval:def:1539
comment Solaris 9 (SPARC) is installed
oval oval:org.mitre.oval:def:1457
comment Solaris 10 (SPARC) is installed
oval oval:org.mitre.oval:def:1440
comment Solaris 8 (x86) is installed
oval oval:org.mitre.oval:def:2059
comment Solaris 9 (x86) is installed
oval oval:org.mitre.oval:def:1683
comment Solaris 10 (x86) is installed
oval oval:org.mitre.oval:def:1926

description

family

unix

oval:org.mitre.oval:def:5639

status

accepted

submitted

2009-08-19T11:48:53.000-04:00

title

Security Vulnerability in the ACL (acl(2)) Implementation for UFS File Systems May Allow a Local User to Panic the System

version

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

Nessus

Oval

References