Vulnerabilities > CVE-2009-0268 - Race Condition vulnerability in SUN Opensolaris and Solaris

CVSS 4.9 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

COMPLETE

local

low complexity

sun

CWE-362

nessus

NVD

Published: 2009-01-26

Updated: 2017-09-29

Summary

Race condition in the pseudo-terminal (aka pty) driver module in Sun Solaris 8 through 10, and OpenSolaris before snv_103, allows local users to cause a denial of service (panic) via unspecified vectors related to lack of "properly sequenced code" in ptc and ptsl.

Vulnerable Configurations

Part	Description	Count
OS	Sun SUN Opensolaris Snv_01 SUN Opensolaris Snv_02 SUN Opensolaris Snv_03 SUN Opensolaris Snv_04 SUN Opensolaris Snv_05 SUN Opensolaris Snv_06 SUN Opensolaris Snv_07 SUN Opensolaris Snv_08 SUN Opensolaris Snv_09 SUN Opensolaris Snv_10 SUN Opensolaris Snv_11 SUN Opensolaris Snv_12 SUN Opensolaris Snv_13 SUN Opensolaris Snv_14 SUN Opensolaris Snv_15 SUN Opensolaris Snv_16 SUN Opensolaris Snv_17 SUN Opensolaris Snv_18 SUN Opensolaris Snv_19 SUN Opensolaris Snv_20 SUN Opensolaris Snv_21 SUN Opensolaris Snv_22 SUN Opensolaris Snv_23 SUN Opensolaris Snv_24 SUN Opensolaris Snv_25 SUN Opensolaris Snv_26 SUN Opensolaris Snv_27 SUN Opensolaris Snv_28 SUN Opensolaris Snv_29 SUN Opensolaris Snv_30 SUN Opensolaris Snv_31 SUN Opensolaris Snv_32 SUN Opensolaris Snv_33 SUN Opensolaris Snv_34 SUN Opensolaris Snv_35 SUN Opensolaris Snv_36 SUN Opensolaris Snv_37 SUN Opensolaris Snv_38 SUN Opensolaris Snv_39 SUN Opensolaris Snv_40 SUN Opensolaris Snv_41 SUN Opensolaris Snv_42 SUN Opensolaris Snv_43 SUN Opensolaris Snv_44 SUN Opensolaris Snv_45 SUN Opensolaris Snv_46 SUN Opensolaris Snv_47 SUN Opensolaris Snv_48 SUN Opensolaris Snv_49 SUN Opensolaris Snv_50 SUN Opensolaris Snv_51 SUN Opensolaris Snv_52 SUN Opensolaris Snv_53 SUN Opensolaris Snv_54 SUN Opensolaris Snv_55 SUN Opensolaris Snv_56 SUN Opensolaris Snv_57 SUN Opensolaris Snv_58 SUN Opensolaris Snv_59 SUN Opensolaris Snv_60 SUN Opensolaris Snv_61 SUN Opensolaris Snv_62 SUN Opensolaris Snv_63 SUN Opensolaris Snv_64 SUN Opensolaris Snv_65 SUN Opensolaris Snv_66 SUN Opensolaris Snv_67 SUN Opensolaris Snv_68 SUN Opensolaris Snv_69 SUN Opensolaris Snv_70 SUN Opensolaris Snv_71 SUN Opensolaris Snv_72 SUN Opensolaris Snv_73 SUN Opensolaris Snv_74 SUN Opensolaris Snv_75 SUN Opensolaris Snv_76 SUN Opensolaris Snv_77 SUN Opensolaris Snv_78 SUN Opensolaris Snv_79 SUN Opensolaris Snv_80 SUN Opensolaris Snv_81 SUN Opensolaris Snv_82 SUN Opensolaris Snv_83 SUN Opensolaris Snv_84 SUN Opensolaris Snv_85 SUN Opensolaris Snv_86 SUN Opensolaris Snv_87 SUN Opensolaris Snv_88 SUN Opensolaris Snv_89 SUN Opensolaris Snv_90 SUN Opensolaris Snv_91 SUN Opensolaris Snv_92 SUN Opensolaris Snv_93 SUN Opensolaris Snv_94 SUN Opensolaris Snv_95 SUN Opensolaris Snv_96 SUN Opensolaris Snv_97 SUN Opensolaris Snv_98 SUN Opensolaris Snv_99 SUN Opensolaris Snv_100 SUN Opensolaris Snv_101 SUN Opensolaris * SUN Solaris 8 SUN Solaris 9 SUN Solaris 10	210

Common Weakness Enumeration (CWE)

CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Common Attack Pattern Enumeration and Classification (CAPEC)

Leveraging Race Conditions
This attack targets a race condition occurring when multiple processes access and manipulate the same resource concurrently and the outcome of the execution depends on the particular order in which the access takes place. The attacker can leverage a race condition by "running the race", modifying the resource and modifying the normal execution flow. For instance a race condition can occur while accessing a file, the attacker can trick the system by replacing the original file with his version and cause the system to read the malicious file.
Leveraging Time-of-Check and Time-of-Use (TOCTOU) Race Conditions
This attack targets a race condition occurring between the time of check (state) for a resource and the time of use of a resource. The typical example is the file access. The attacker can leverage a file access race condition by "running the race", meaning that he would modify the resource between the first time the target program accesses the file and the time the target program uses the file. During that period of time, the attacker could do something such as replace the file and cause an escalation of privilege.

Nessus

NASL family	Solaris Local Security Checks
NASL id	SOLARIS9_140426.NASL
description	SunOS 5.9: ptsl patch. Date this patch was last updated by Sun : Jan/19/09
last seen	2020-06-01
modified	2020-06-02
plugin id	35574
published	2009-02-02
reporter	This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/35574
title	Solaris 9 (sparc) : 140426-01
code	#%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text in this plugin was # extracted from the Oracle SunOS Patch Updates. # include("compat.inc"); if (description) { script_id(35574); script_version("1.14"); script_cvs_date("Date: 2019/10/25 13:36:26"); script_cve_id("CVE-2009-0268"); script_name(english:"Solaris 9 (sparc) : 140426-01"); script_summary(english:"Check for patch 140426-01"); script_set_attribute( attribute:"synopsis", value:"The remote host is missing Sun Security Patch number 140426-01" ); script_set_attribute( attribute:"description", value: "SunOS 5.9: ptsl patch. Date this patch was last updated by Sun : Jan/19/09" ); script_set_attribute( attribute:"see_also", value:"http://download.oracle.com/sunalerts/1019948.1.html" ); script_set_attribute( attribute:"solution", value:"You should install this patch for your system to be up-to-date." ); script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C"); script_cwe_id(362); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/o:sun:solaris"); script_set_attribute(attribute:"patch_publication_date", value:"2009/01/19"); script_set_attribute(attribute:"plugin_publication_date", value:"2009/02/02"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc."); script_family(english:"Solaris Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Solaris/showrev"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("solaris.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (solaris_check_patch(release:"5.9", arch:"sparc", patch:"140426-01", obsoleted_by:"122300-69 ", package:"SUNWcarx", version:"11.9.0,REV=2002.04.09.12.25") < 0) flag++; if (solaris_check_patch(release:"5.9", arch:"sparc", patch:"140426-01", obsoleted_by:"122300-69 ", package:"SUNWcsr", version:"11.9.0,REV=2002.04.06.15.27") < 0) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:solaris_get_report()); else security_warning(0); exit(0); } audit(AUDIT_HOST_NOT, "affected");

NASL family	Solaris Local Security Checks
NASL id	SOLARIS8_X86_113686.NASL
description	SunOS 5.8_x86: logindmux/llc1/ptsl/bufmod/. Date this patch was last updated by Sun : Jan/20/09
last seen	2020-06-01
modified	2020-06-02
plugin id	13498
published	2004-07-12
reporter	This script is Copyright (C) 2004-2019 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/13498
title	Solaris 8 (x86) : 113686-06
code	#%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text in this plugin was # extracted from the Oracle SunOS Patch Updates. # include("compat.inc"); if (description) { script_id(13498); script_version("1.27"); script_cvs_date("Date: 2019/10/25 13:36:26"); script_cve_id("CVE-2009-0268"); script_name(english:"Solaris 8 (x86) : 113686-06"); script_summary(english:"Check for patch 113686-06"); script_set_attribute( attribute:"synopsis", value:"The remote host is missing Sun Security Patch number 113686-06" ); script_set_attribute( attribute:"description", value: "SunOS 5.8_x86: logindmux/llc1/ptsl/bufmod/. Date this patch was last updated by Sun : Jan/20/09" ); script_set_attribute( attribute:"see_also", value:"http://download.oracle.com/sunalerts/1019948.1.html" ); script_set_attribute( attribute:"solution", value:"You should install this patch for your system to be up-to-date." ); script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C"); script_cwe_id(362); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/o:sun:solaris"); script_set_attribute(attribute:"patch_publication_date", value:"2009/01/20"); script_set_attribute(attribute:"plugin_publication_date", value:"2004/07/12"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2004-2019 Tenable Network Security, Inc."); script_family(english:"Solaris Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Solaris/showrev"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("solaris.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (solaris_check_patch(release:"5.8_x86", arch:"i386", patch:"113686-06", obsoleted_by:"127722-07 ", package:"SUNWhea", version:"11.8.0,REV=2000.01.08.18.17") < 0) flag++; if (solaris_check_patch(release:"5.8_x86", arch:"i386", patch:"113686-06", obsoleted_by:"127722-07 ", package:"SUNWcsu", version:"11.8.0,REV=2000.01.08.18.17") < 0) flag++; if (solaris_check_patch(release:"5.8_x86", arch:"i386", patch:"113686-06", obsoleted_by:"127722-07 ", package:"SUNWcsr", version:"11.8.0,REV=2000.01.08.18.17") < 0) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:solaris_get_report()); else security_warning(0); exit(0); } audit(AUDIT_HOST_NOT, "affected");

NASL family	Solaris Local Security Checks
NASL id	SOLARIS10_140383-01.NASL
description	SunOS 5.10: ptsl patch. Date this patch was last updated by Sun : Jan/19/09
last seen	2020-06-01
modified	2020-06-02
plugin id	107520
published	2018-03-12
reporter	This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/107520
title	Solaris 10 (sparc) : 140383-01
code	#%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text in this plugin was # extracted from the Oracle SunOS Patch Updates. # include("compat.inc"); if (description) { script_id(107520); script_version("1.6"); script_cvs_date("Date: 2019/10/25 13:36:25"); script_cve_id("CVE-2009-0268"); script_name(english:"Solaris 10 (sparc) : 140383-01"); script_summary(english:"Check for patch 140383-01"); script_set_attribute( attribute:"synopsis", value:"The remote host is missing Sun Security Patch number 140383-01" ); script_set_attribute( attribute:"description", value: "SunOS 5.10: ptsl patch. Date this patch was last updated by Sun : Jan/19/09" ); script_set_attribute( attribute:"see_also", value:"https://download.oracle.com/sunalerts/1019948.1.html" ); script_set_attribute(attribute:"solution", value:"Install patch 140383-01"); script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C"); script_cwe_id(362); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:solaris:10:140383"); script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:solaris:10"); script_set_attribute(attribute:"patch_publication_date", value:"2009/01/19"); script_set_attribute(attribute:"plugin_publication_date", value:"2018/03/12"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Solaris Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Solaris/showrev"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("misc_func.inc"); include("solaris.inc"); showrev = get_kb_item("Host/Solaris/showrev"); if (empty_or_null(showrev)) audit(AUDIT_OS_NOT, "Solaris"); os_ver = pregmatch(pattern:"Release: (\d+.(\d+))", string:showrev); if (empty_or_null(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Solaris"); full_ver = os_ver[1]; os_level = os_ver[2]; if (full_ver != "5.10") audit(AUDIT_OS_NOT, "Solaris 10", "Solaris " + os_level); package_arch = pregmatch(pattern:"Application architecture: (\w+)", string:showrev); if (empty_or_null(package_arch)) audit(AUDIT_UNKNOWN_ARCH); package_arch = package_arch[1]; if (package_arch != "sparc") audit(AUDIT_ARCH_NOT, "sparc", package_arch); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (solaris_check_patch(release:"5.10", arch:"sparc", patch:"140383-01", obsoleted_by:"140563-01 147440-07 147147-26 146320-03 ", package:"SUNWckr", version:"11.10.0,REV=2005.01.21.15.53") < 0) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : solaris_get_report() ); } else { patch_fix = solaris_patch_fix_get(); if (!empty_or_null(patch_fix)) audit(AUDIT_PATCH_INSTALLED, patch_fix, "Solaris 10"); tested = solaris_pkg_tests_get(); if (!empty_or_null(tested)) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); audit(AUDIT_PACKAGE_NOT_INSTALLED, "SUNWckr"); }

NASL family	Solaris Local Security Checks
NASL id	SOLARIS9_X86_140427.NASL
description	SunOS 5.9_x86: ptsl patch. Date this patch was last updated by Sun : Jan/19/09
last seen	2020-06-01
modified	2020-06-02
plugin id	35576
published	2009-02-02
reporter	This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/35576
title	Solaris 9 (x86) : 140427-01
code	#%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text in this plugin was # extracted from the Oracle SunOS Patch Updates. # include("compat.inc"); if (description) { script_id(35576); script_version("1.14"); script_cvs_date("Date: 2019/10/25 13:36:26"); script_cve_id("CVE-2009-0268"); script_name(english:"Solaris 9 (x86) : 140427-01"); script_summary(english:"Check for patch 140427-01"); script_set_attribute( attribute:"synopsis", value:"The remote host is missing Sun Security Patch number 140427-01" ); script_set_attribute( attribute:"description", value: "SunOS 5.9_x86: ptsl patch. Date this patch was last updated by Sun : Jan/19/09" ); script_set_attribute( attribute:"see_also", value:"http://download.oracle.com/sunalerts/1019948.1.html" ); script_set_attribute( attribute:"solution", value:"You should install this patch for your system to be up-to-date." ); script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C"); script_cwe_id(362); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/o:sun:solaris"); script_set_attribute(attribute:"patch_publication_date", value:"2009/01/19"); script_set_attribute(attribute:"plugin_publication_date", value:"2009/02/02"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc."); script_family(english:"Solaris Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Solaris/showrev"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("solaris.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (solaris_check_patch(release:"5.9_x86", arch:"i386", patch:"140427-01", obsoleted_by:"122301-69 ", package:"SUNWcsr", version:"11.9.0,REV=2002.11.04.02.51") < 0) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:solaris_get_report()); else security_warning(0); exit(0); } audit(AUDIT_HOST_NOT, "affected");

NASL family	Solaris Local Security Checks
NASL id	SOLARIS10_140383.NASL
description	SunOS 5.10: ptsl patch. Date this patch was last updated by Sun : Jan/19/09
last seen	2018-09-01
modified	2018-08-13
plugin id	35569
published	2009-02-02
reporter	Tenable
source	https://www.tenable.com/plugins/index.php?view=single&id=35569
title	Solaris 10 (sparc) : 140383-01
code	#%NASL_MIN_LEVEL 80502 # @DEPRECATED@ # # This script has been deprecated as the associated patch is not # currently a recommended security fix. # # Disabled on 2011/10/24. # # # (C) Tenable Network Security, Inc. # # if ( ! defined_func("bn_random") ) exit(0); include("compat.inc"); if(description) { script_id(35569); script_version("1.15"); script_name(english: "Solaris 10 (sparc) : 140383-01"); script_cve_id("CVE-2009-0268"); script_set_attribute(attribute: "synopsis", value: "The remote host is missing Sun Security Patch number 140383-01"); script_set_attribute(attribute: "description", value: 'SunOS 5.10: ptsl patch. Date this patch was last updated by Sun : Jan/19/09'); script_set_attribute(attribute: "solution", value: "You should install this patch for your system to be up-to-date."); script_set_attribute(attribute: "see_also", value: "http://download.oracle.com/sunalerts/1019948.1.html"); script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C"); script_cwe_id(362); script_set_attribute(attribute:"plugin_publication_date", value: "2009/02/02"); script_cvs_date("Date: 2019/10/25 13:36:25"); script_end_attributes(); script_summary(english: "Check for patch 140383-01"); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc."); family["english"] = "Solaris Local Security Checks"; script_family(english:family["english"]); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/Solaris/showrev"); exit(0); } # Deprecated. exit(0, "The associated patch is not currently a recommended security fix.");

NASL family	Solaris Local Security Checks
NASL id	SOLARIS10_X86_140384.NASL
description	SunOS 5.10_x86: ptsl patch. Date this patch was last updated by Sun : Jan/19/09
last seen	2018-09-01
modified	2018-08-13
plugin id	35572
published	2009-02-02
reporter	Tenable
source	https://www.tenable.com/plugins/index.php?view=single&id=35572
title	Solaris 10 (x86) : 140384-01
code	#%NASL_MIN_LEVEL 80502 # @DEPRECATED@ # # This script has been deprecated as the associated patch is not # currently a recommended security fix. # # Disabled on 2011/10/24. # # # (C) Tenable Network Security, Inc. # # if ( ! defined_func("bn_random") ) exit(0); include("compat.inc"); if(description) { script_id(35572); script_version("1.15"); script_name(english: "Solaris 10 (x86) : 140384-01"); script_cve_id("CVE-2009-0268"); script_set_attribute(attribute: "synopsis", value: "The remote host is missing Sun Security Patch number 140384-01"); script_set_attribute(attribute: "description", value: 'SunOS 5.10_x86: ptsl patch. Date this patch was last updated by Sun : Jan/19/09'); script_set_attribute(attribute: "solution", value: "You should install this patch for your system to be up-to-date."); script_set_attribute(attribute: "see_also", value: "http://download.oracle.com/sunalerts/1019948.1.html"); script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C"); script_cwe_id(362); script_set_attribute(attribute:"plugin_publication_date", value: "2009/02/02"); script_cvs_date("Date: 2019/10/25 13:36:25"); script_end_attributes(); script_summary(english: "Check for patch 140384-01"); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc."); family["english"] = "Solaris Local Security Checks"; script_family(english:family["english"]); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/Solaris/showrev"); exit(0); } # Deprecated. exit(0, "The associated patch is not currently a recommended security fix.");

NASL family	Solaris Local Security Checks
NASL id	SOLARIS10_X86_140384-01.NASL
description	SunOS 5.10_x86: ptsl patch. Date this patch was last updated by Sun : Jan/19/09
last seen	2020-06-01
modified	2020-06-02
plugin id	108017
published	2018-03-12
reporter	This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/108017
title	Solaris 10 (x86) : 140384-01
code	#%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text in this plugin was # extracted from the Oracle SunOS Patch Updates. # include("compat.inc"); if (description) { script_id(108017); script_version("1.6"); script_cvs_date("Date: 2019/10/25 13:36:25"); script_cve_id("CVE-2009-0268"); script_name(english:"Solaris 10 (x86) : 140384-01"); script_summary(english:"Check for patch 140384-01"); script_set_attribute( attribute:"synopsis", value:"The remote host is missing Sun Security Patch number 140384-01" ); script_set_attribute( attribute:"description", value: "SunOS 5.10_x86: ptsl patch. Date this patch was last updated by Sun : Jan/19/09" ); script_set_attribute( attribute:"see_also", value:"https://download.oracle.com/sunalerts/1019948.1.html" ); script_set_attribute(attribute:"solution", value:"Install patch 140384-01"); script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C"); script_cwe_id(362); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:solaris:10:140384"); script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:solaris:10"); script_set_attribute(attribute:"patch_publication_date", value:"2009/01/19"); script_set_attribute(attribute:"plugin_publication_date", value:"2018/03/12"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Solaris Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Solaris/showrev"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("misc_func.inc"); include("solaris.inc"); showrev = get_kb_item("Host/Solaris/showrev"); if (empty_or_null(showrev)) audit(AUDIT_OS_NOT, "Solaris"); os_ver = pregmatch(pattern:"Release: (\d+.(\d+))", string:showrev); if (empty_or_null(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Solaris"); full_ver = os_ver[1]; os_level = os_ver[2]; if (full_ver != "5.10") audit(AUDIT_OS_NOT, "Solaris 10", "Solaris " + os_level); package_arch = pregmatch(pattern:"Application architecture: (\w+)", string:showrev); if (empty_or_null(package_arch)) audit(AUDIT_UNKNOWN_ARCH); package_arch = package_arch[1]; if (package_arch != "i386") audit(AUDIT_ARCH_NOT, "i386", package_arch); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (solaris_check_patch(release:"5.10_x86", arch:"i386", patch:"140384-01", obsoleted_by:"146321-03 140564-01 147148-26 147441-07 ", package:"SUNWckr", version:"11.10.0,REV=2005.01.21.16.34") < 0) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : solaris_get_report() ); } else { patch_fix = solaris_patch_fix_get(); if (!empty_or_null(patch_fix)) audit(AUDIT_PATCH_INSTALLED, patch_fix, "Solaris 10"); tested = solaris_pkg_tests_get(); if (!empty_or_null(tested)) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); audit(AUDIT_PACKAGE_NOT_INSTALLED, "SUNWckr"); }

NASL family	Solaris Local Security Checks
NASL id	SOLARIS8_113685.NASL
description	SunOS 5.8: logindmux, ptsl, ms, bufmod, ll. Date this patch was last updated by Sun : Jan/19/09
last seen	2020-06-01
modified	2020-06-02
plugin id	13397
published	2004-07-12
reporter	This script is Copyright (C) 2004-2019 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/13397
title	Solaris 8 (sparc) : 113685-07
code	#%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text in this plugin was # extracted from the Oracle SunOS Patch Updates. # include("compat.inc"); if (description) { script_id(13397); script_version("1.32"); script_cvs_date("Date: 2019/10/25 13:36:26"); script_cve_id("CVE-2009-0268"); script_name(english:"Solaris 8 (sparc) : 113685-07"); script_summary(english:"Check for patch 113685-07"); script_set_attribute( attribute:"synopsis", value:"The remote host is missing Sun Security Patch number 113685-07" ); script_set_attribute( attribute:"description", value: "SunOS 5.8: logindmux, ptsl, ms, bufmod, ll. Date this patch was last updated by Sun : Jan/19/09" ); script_set_attribute( attribute:"see_also", value:"http://download.oracle.com/sunalerts/1019948.1.html" ); script_set_attribute( attribute:"solution", value:"You should install this patch for your system to be up-to-date." ); script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C"); script_cwe_id(362); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/o:sun:solaris"); script_set_attribute(attribute:"patch_publication_date", value:"2009/01/19"); script_set_attribute(attribute:"plugin_publication_date", value:"2004/07/12"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2004-2019 Tenable Network Security, Inc."); script_family(english:"Solaris Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Solaris/showrev"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("solaris.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (solaris_check_patch(release:"5.8", arch:"sparc", patch:"113685-07", obsoleted_by:"127721-08 ", package:"SUNWhea", version:"11.8.0,REV=2000.01.08.18.12") < 0) flag++; if (solaris_check_patch(release:"5.8", arch:"sparc", patch:"113685-07", obsoleted_by:"127721-08 ", package:"SUNWcar", version:"11.8.0,REV=2000.01.13.13.40") < 0) flag++; if (solaris_check_patch(release:"5.8", arch:"sparc", patch:"113685-07", obsoleted_by:"127721-08 ", package:"SUNWcarx", version:"11.8.0,REV=2000.01.13.13.40") < 0) flag++; if (solaris_check_patch(release:"5.8", arch:"sparc", patch:"113685-07", obsoleted_by:"127721-08 ", package:"SUNWcsxu", version:"11.8.0,REV=2000.01.08.18.12") < 0) flag++; if (solaris_check_patch(release:"5.8", arch:"sparc", patch:"113685-07", obsoleted_by:"127721-08 ", package:"SUNWcsu", version:"11.8.0,REV=2000.01.08.18.12") < 0) flag++; if (solaris_check_patch(release:"5.8", arch:"sparc", patch:"113685-07", obsoleted_by:"127721-08 ", package:"SUNWcsr", version:"11.8.0,REV=2000.01.08.18.12") < 0) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:solaris_get_report()); else security_warning(0); exit(0); } audit(AUDIT_HOST_NOT, "affected");

Oval

accepted

2009-03-09T04:00:10.700-04:00

class

vulnerability

contributors

name	Pai Peng
organization	Hewlett-Packard

definition_extensions

comment Solaris 8 (SPARC) is installed
oval oval:org.mitre.oval:def:1539
comment Solaris 9 (SPARC) is installed
oval oval:org.mitre.oval:def:1457
comment Solaris 10 (SPARC) is installed
oval oval:org.mitre.oval:def:1440
comment Solaris 8 (x86) is installed
oval oval:org.mitre.oval:def:2059
comment Solaris 9 (x86) is installed
oval oval:org.mitre.oval:def:1683
comment Solaris 10 (x86) is installed
oval oval:org.mitre.oval:def:1926

description

family

unix

oval:org.mitre.oval:def:6061

status

accepted

submitted

2009-01-28T11:08:21.000-05:00

title

Security Vulnerability in the Solaris Pseudo-terminal Driver (pty(7D)) may Cause a System Panic

version

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

Common Attack Pattern Enumeration and Classification (CAPEC)

Nessus

Oval

References