Vulnerabilities > CVE-2009-0132 - Numeric Errors vulnerability in SUN Opensolaris and Solaris
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
COMPLETE Summary
Integer overflow in the aio_suspend function in Sun Solaris 8 through 10 and OpenSolaris, when 32-bit mode is enabled, allows local users to cause a denial of service (panic) via a large integer value in the second argument (aka nent argument).
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| OS | 8 |
Common Weakness Enumeration (CWE)
Nessus
NASL family Solaris Local Security Checks NASL id SOLARIS10_121394.NASL description SunOS 5.10 kaio and aio_impl.h patch. Date this patch was last updated by Sun : Feb/27/09 last seen 2018-09-01 modified 2018-08-13 plugin id 35407 published 2009-01-19 reporter Tenable source https://www.tenable.com/plugins/index.php?view=single&id=35407 title Solaris 10 (sparc) : 121394-03 code #%NASL_MIN_LEVEL 80502 # @DEPRECATED@ # # This script has been deprecated as the associated patch is not # currently a recommended security fix. # # Disabled on 2011/09/17. # # (C) Tenable Network Security, Inc. # # if ( ! defined_func("bn_random") ) exit(0); include("compat.inc"); if(description) { script_id(35407); script_version("1.15"); script_name(english: "Solaris 10 (sparc) : 121394-03"); script_cve_id("CVE-2009-0132"); script_set_attribute(attribute: "synopsis", value: "The remote host is missing Sun Security Patch number 121394-03"); script_set_attribute(attribute: "description", value: 'SunOS 5.10 kaio and aio_impl.h patch. Date this patch was last updated by Sun : Feb/27/09'); script_set_attribute(attribute: "solution", value: "You should install this patch for your system to be up-to-date."); script_set_attribute(attribute: "see_also", value: "https://getupdates.oracle.com/readme/121394-03"); script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C"); script_cwe_id(189); script_set_attribute(attribute:"plugin_publication_date", value: "2009/01/19"); script_cvs_date("Date: 2019/10/25 13:36:25"); script_end_attributes(); script_summary(english: "Check for patch 121394-03"); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc."); family["english"] = "Solaris Local Security Checks"; script_family(english:family["english"]); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/Solaris/showrev"); exit(0); } # Deprecated. exit(0, "The associated patch is not currently a recommended security fix.");NASL family Solaris Local Security Checks NASL id SOLARIS9_X86_138578.NASL description SunOS 5.9_x86: kernel/sys/kaio patch. Date this patch was last updated by Sun : Jan/07/09 last seen 2020-06-01 modified 2020-06-02 plugin id 35423 published 2009-01-19 reporter This script is Copyright (C) 2009-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/35423 title Solaris 9 (x86) : 138578-01 NASL family Solaris Local Security Checks NASL id SOLARIS8_X86_117351.NASL description SunOS 5.8_x86: kernel patch. Date this patch was last updated by Sun : Mar/09/09 last seen 2020-06-01 modified 2020-06-02 plugin id 20947 published 2006-02-19 reporter This script is Copyright (C) 2006-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/20947 title Solaris 8 (x86) : 117351-61 NASL family Solaris Local Security Checks NASL id SOLARIS8_117350.NASL description SunOS 5.8: kernel patch. Date this patch was last updated by Sun : Apr/21/09 last seen 2020-06-01 modified 2020-06-02 plugin id 20945 published 2006-02-19 reporter This script is Copyright (C) 2006-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/20945 title Solaris 8 (sparc) : 117350-62 NASL family Solaris Local Security Checks NASL id SOLARIS9_138577.NASL description SunOS 5.9: kernel/sys/kaio patch. Date this patch was last updated by Sun : Jan/07/09 last seen 2020-06-01 modified 2020-06-02 plugin id 35420 published 2009-01-19 reporter This script is Copyright (C) 2009-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/35420 title Solaris 9 (sparc) : 138577-01 NASL family Solaris Local Security Checks NASL id SOLARIS10_X86_121395.NASL description SunOS 5.10_x86 kaio and aio_impl.h patch. Date this patch was last updated by Sun : Feb/27/09 last seen 2018-09-01 modified 2018-08-13 plugin id 35413 published 2009-01-19 reporter Tenable source https://www.tenable.com/plugins/index.php?view=single&id=35413 title Solaris 10 (x86) : 121395-03
References
- http://secunia.com/advisories/33516
- http://sunsolve.sun.com/search/document.do?assetkey=1-21-117350-59-1
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-247986-1
- http://www.securityfocus.com/bid/33188
- http://www.securitytracker.com/id?1021553
- http://www.trapkit.de/advisories/TKADV2009-001.txt
- http://www.vupen.com/english/advisories/2009/0099