Vulnerabilities > CVE-2009-0167 - Local Denial Of Service vulnerability in SUN Opensolaris and Solaris
Attack vector
LOCAL Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
COMPLETE Summary
Unspecified vulnerability in lpadmin in Sun Solaris 10 and OpenSolaris snv_61 through snv_106 allows local users to cause a denial of service via unspecified vectors, related to enumeration of "wrong printers," aka a "Temporary file vulnerability."
Vulnerable Configurations
Nessus
NASL family Solaris Local Security Checks NASL id SOLARIS10_139390-01.NASL description SunOS 5.10: lpadmin and ppdmgr patch. Date this patch was last updated by Sun : Dec/12/08 last seen 2020-06-01 modified 2020-06-02 plugin id 107512 published 2018-03-12 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/107512 title Solaris 10 (sparc) : 139390-01 code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text in this plugin was # extracted from the Oracle SunOS Patch Updates. # include("compat.inc"); if (description) { script_id(107512); script_version("1.6"); script_cvs_date("Date: 2019/10/25 13:36:24"); script_cve_id("CVE-2009-0167", "CVE-2009-0168"); script_name(english:"Solaris 10 (sparc) : 139390-01"); script_summary(english:"Check for patch 139390-01"); script_set_attribute( attribute:"synopsis", value:"The remote host is missing Sun Security Patch number 139390-01" ); script_set_attribute( attribute:"description", value: "SunOS 5.10: lpadmin and ppdmgr patch. Date this patch was last updated by Sun : Dec/12/08" ); script_set_attribute( attribute:"see_also", value:"https://getupdates.oracle.com/readme/139390-01" ); script_set_attribute(attribute:"solution", value:"Install patch 139390-01"); script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:solaris:10:139390"); script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:solaris:10"); script_set_attribute(attribute:"patch_publication_date", value:"2008/12/12"); script_set_attribute(attribute:"plugin_publication_date", value:"2018/03/12"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Solaris Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Solaris/showrev"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("misc_func.inc"); include("solaris.inc"); showrev = get_kb_item("Host/Solaris/showrev"); if (empty_or_null(showrev)) audit(AUDIT_OS_NOT, "Solaris"); os_ver = pregmatch(pattern:"Release: (\d+.(\d+))", string:showrev); if (empty_or_null(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Solaris"); full_ver = os_ver[1]; os_level = os_ver[2]; if (full_ver != "5.10") audit(AUDIT_OS_NOT, "Solaris 10", "Solaris " + os_level); package_arch = pregmatch(pattern:"Application architecture: (\w+)", string:showrev); if (empty_or_null(package_arch)) audit(AUDIT_UNKNOWN_ARCH); package_arch = package_arch[1]; if (package_arch != "sparc") audit(AUDIT_ARCH_NOT, "sparc", package_arch); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (solaris_check_patch(release:"5.10", arch:"sparc", patch:"139390-01", obsoleted_by:"138627-04 142909-17 140397-06 141026-06 ", package:"SUNWpcu", version:"13.1,REV=2005.01.21.15.53") < 0) flag++; if (solaris_check_patch(release:"5.10", arch:"sparc", patch:"139390-01", obsoleted_by:"138627-04 142909-17 140397-06 141026-06 ", package:"SUNWppm", version:"11.10.0,REV=2005.01.21.15.53") < 0) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : solaris_get_report() ); } else { patch_fix = solaris_patch_fix_get(); if (!empty_or_null(patch_fix)) audit(AUDIT_PATCH_INSTALLED, patch_fix, "Solaris 10"); tested = solaris_pkg_tests_get(); if (!empty_or_null(tested)) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); audit(AUDIT_PACKAGE_NOT_INSTALLED, "SUNWpcu / SUNWppm"); }NASL family Solaris Local Security Checks NASL id SOLARIS10_X86_139391-01.NASL description SunOS 5.10_x86: lpadmin and ppdmgr patch. Date this patch was last updated by Sun : Dec/12/08 last seen 2020-06-01 modified 2020-06-02 plugin id 108010 published 2018-03-12 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/108010 title Solaris 10 (x86) : 139391-01 code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text in this plugin was # extracted from the Oracle SunOS Patch Updates. # include("compat.inc"); if (description) { script_id(108010); script_version("1.6"); script_cvs_date("Date: 2019/10/25 13:36:24"); script_cve_id("CVE-2009-0167", "CVE-2009-0168"); script_name(english:"Solaris 10 (x86) : 139391-01"); script_summary(english:"Check for patch 139391-01"); script_set_attribute( attribute:"synopsis", value:"The remote host is missing Sun Security Patch number 139391-01" ); script_set_attribute( attribute:"description", value: "SunOS 5.10_x86: lpadmin and ppdmgr patch. Date this patch was last updated by Sun : Dec/12/08" ); script_set_attribute( attribute:"see_also", value:"https://getupdates.oracle.com/readme/139391-01" ); script_set_attribute(attribute:"solution", value:"Install patch 139391-01"); script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:solaris:10:139391"); script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:solaris:10"); script_set_attribute(attribute:"patch_publication_date", value:"2008/12/12"); script_set_attribute(attribute:"plugin_publication_date", value:"2018/03/12"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Solaris Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Solaris/showrev"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("misc_func.inc"); include("solaris.inc"); showrev = get_kb_item("Host/Solaris/showrev"); if (empty_or_null(showrev)) audit(AUDIT_OS_NOT, "Solaris"); os_ver = pregmatch(pattern:"Release: (\d+.(\d+))", string:showrev); if (empty_or_null(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Solaris"); full_ver = os_ver[1]; os_level = os_ver[2]; if (full_ver != "5.10") audit(AUDIT_OS_NOT, "Solaris 10", "Solaris " + os_level); package_arch = pregmatch(pattern:"Application architecture: (\w+)", string:showrev); if (empty_or_null(package_arch)) audit(AUDIT_UNKNOWN_ARCH); package_arch = package_arch[1]; if (package_arch != "i386") audit(AUDIT_ARCH_NOT, "i386", package_arch); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (solaris_check_patch(release:"5.10_x86", arch:"i386", patch:"139391-01", obsoleted_by:"138628-04 139556-08 ", package:"SUNWpcu", version:"13.1,REV=2005.01.21.16.34") < 0) flag++; if (solaris_check_patch(release:"5.10_x86", arch:"i386", patch:"139391-01", obsoleted_by:"138628-04 139556-08 ", package:"SUNWppm", version:"11.10.0,REV=2005.01.21.16.34") < 0) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : solaris_get_report() ); } else { patch_fix = solaris_patch_fix_get(); if (!empty_or_null(patch_fix)) audit(AUDIT_PATCH_INSTALLED, patch_fix, "Solaris 10"); tested = solaris_pkg_tests_get(); if (!empty_or_null(tested)) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); audit(AUDIT_PACKAGE_NOT_INSTALLED, "SUNWpcu / SUNWppm"); }NASL family Solaris Local Security Checks NASL id SOLARIS10_139390.NASL description SunOS 5.10: lpadmin and ppdmgr patch. Date this patch was last updated by Sun : Dec/12/08 last seen 2018-09-01 modified 2018-08-13 plugin id 35200 published 2008-12-17 reporter Tenable source https://www.tenable.com/plugins/index.php?view=single&id=35200 title Solaris 10 (sparc) : 139390-01 code #%NASL_MIN_LEVEL 80502 # @DEPRECATED@ # # This script has been deprecated as the associated patch is not # currently a recommended security fix. # # Disabled on 2011/09/17. # # (C) Tenable Network Security, Inc. # # if ( ! defined_func("bn_random") ) exit(0); include("compat.inc"); if(description) { script_id(35200); script_version("1.17"); script_name(english: "Solaris 10 (sparc) : 139390-01"); script_cve_id("CVE-2009-0167", "CVE-2009-0168"); script_set_attribute(attribute: "synopsis", value: "The remote host is missing Sun Security Patch number 139390-01"); script_set_attribute(attribute: "description", value: 'SunOS 5.10: lpadmin and ppdmgr patch. Date this patch was last updated by Sun : Dec/12/08'); script_set_attribute(attribute: "solution", value: "You should install this patch for your system to be up-to-date."); script_set_attribute(attribute: "see_also", value: "https://getupdates.oracle.com/readme/139390-01"); script_set_attribute(attribute: "cvss_vector", value: "CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C"); script_set_attribute(attribute:"plugin_publication_date", value: "2008/12/17"); script_cvs_date("Date: 2019/10/25 13:36:24"); script_end_attributes(); script_summary(english: "Check for patch 139390-01"); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2008-2019 Tenable Network Security, Inc."); family["english"] = "Solaris Local Security Checks"; script_family(english:family["english"]); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/Solaris/showrev"); exit(0); } # Deprecated. exit(0, "The associated patch is not currently a recommended security fix.");NASL family Solaris Local Security Checks NASL id SOLARIS10_X86_139391.NASL description SunOS 5.10_x86: lpadmin and ppdmgr patch. Date this patch was last updated by Sun : Dec/12/08 last seen 2018-09-02 modified 2018-08-13 plugin id 35212 published 2008-12-17 reporter Tenable source https://www.tenable.com/plugins/index.php?view=single&id=35212 title Solaris 10 (x86) : 139391-01 code #%NASL_MIN_LEVEL 80502 # @DEPRECATED@ # # This script has been deprecated as the associated patch is not # currently a recommended security fix. # # Disabled on 2011/09/17. # # (C) Tenable Network Security, Inc. # # if ( ! defined_func("bn_random") ) exit(0); include("compat.inc"); if(description) { script_id(35212); script_version("1.14"); script_name(english: "Solaris 10 (x86) : 139391-01"); script_cve_id("CVE-2009-0167", "CVE-2009-0168"); script_set_attribute(attribute: "synopsis", value: "The remote host is missing Sun Security Patch number 139391-01"); script_set_attribute(attribute: "description", value: 'SunOS 5.10_x86: lpadmin and ppdmgr patch. Date this patch was last updated by Sun : Dec/12/08'); script_set_attribute(attribute: "solution", value: "You should install this patch for your system to be up-to-date."); script_set_attribute(attribute: "see_also", value: "https://getupdates.oracle.com/readme/139391-01"); script_set_attribute(attribute: "cvss_vector", value: "CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C"); script_set_attribute(attribute:"plugin_publication_date", value: "2008/12/17"); script_cvs_date("Date: 2019/10/25 13:36:24"); script_end_attributes(); script_summary(english: "Check for patch 139391-01"); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2008-2019 Tenable Network Security, Inc."); family["english"] = "Solaris Local Security Checks"; script_family(english:family["english"]); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/Solaris/showrev"); exit(0); } # Deprecated. exit(0, "The associated patch is not currently a recommended security fix.");
Oval
| accepted | 2009-03-16T04:00:20.571-04:00 | ||||||||
| class | vulnerability | ||||||||
| contributors |
| ||||||||
| definition_extensions |
| ||||||||
| description | Unspecified vulnerability in lpadmin in Sun Solaris 10 and OpenSolaris snv_61 through snv_106 allows local users to cause a denial of service via unspecified vectors, related to enumeration of "wrong printers," aka a "Temporary file vulnerability." | ||||||||
| family | unix | ||||||||
| id | oval:org.mitre.oval:def:6175 | ||||||||
| status | accepted | ||||||||
| submitted | 2009-02-05T13:18:38.000-05:00 | ||||||||
| title | Security Vulnerabilities in the Solaris lpadmin(1M) and ppdmgr(1M) Utilities May Lead to a Denial of Service (DoS) Condition | ||||||||
| version | 35 |
References
- http://opensolaris.org/os/bug_reports/request_sponsor/
- http://secunia.com/advisories/33488
- http://secunia.com/advisories/33705
- http://sunsolve.sun.com/search/document.do?assetkey=1-21-139390-01-1
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-249306-1
- http://support.avaya.com/elmodocs2/security/ASA-2009-026.htm
- http://www.securityfocus.com/bid/33269
- http://www.securitytracker.com/id?1021601
- http://www.vupen.com/english/advisories/2009/0155
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6175