Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
COMPLETE Published: 2009-06-19
Updated: 2009-07-02
Summary
Memory leak in the Ultra-SPARC T2 crypto provider device driver (aka n2cp) in Sun Solaris 10, and OpenSolaris snv_54 through snv_112, allows context-dependent attackers to cause a denial of service (memory consumption) via unspecified vectors related to a large keylen value.
Vulnerable Configurations
| Part | Description | Count |
| OS | Sun | 60 |
Common Weakness Enumeration (CWE)
Nessus
| NASL family | Solaris Local Security Checks |
| NASL id | SOLARIS10_140386.NASL |
| description | SunOS 5.10: n2cp driver patch. Date this patch was last updated by Sun : Jul/08/09 |
| last seen | 2018-09-02 |
| modified | 2018-08-13 |
| plugin id | 39414 |
| published | 2009-06-16 |
| reporter | Tenable |
| source | https://www.tenable.com/plugins/index.php?view=single&id=39414 |
| title | Solaris 10 (sparc) : 140386-04 |
| code | #%NASL_MIN_LEVEL 80502
# @DEPRECATED@
#
# This script has been deprecated as the associated patch is not
# currently a recommended security fix.
#
# Disabled on 2011/09/17.
#
# (C) Tenable Network Security, Inc.
#
#
if ( ! defined_func("bn_random") ) exit(0);
include("compat.inc");
if(description)
{
script_id(39414);
script_version("1.15");
script_name(english: "Solaris 10 (sparc) : 140386-04");
script_cve_id("CVE-2009-2137");
script_set_attribute(attribute: "synopsis", value:
"The remote host is missing Sun Security Patch number 140386-04");
script_set_attribute(attribute: "description", value:
'SunOS 5.10: n2cp driver patch.
Date this patch was last updated by Sun : Jul/08/09');
script_set_attribute(attribute: "solution", value:
"You should install this patch for your system to be up-to-date.");
script_set_attribute(attribute: "see_also", value:
"https://getupdates.oracle.com/readme/140386-04");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C");
script_cwe_id(399);
script_set_attribute(attribute:"plugin_publication_date", value: "2009/06/16");
script_cvs_date("Date: 2019/10/25 13:36:25");
script_end_attributes();
script_summary(english: "Check for patch 140386-04");
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.");
family["english"] = "Solaris Local Security Checks";
script_family(english:family["english"]);
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/Solaris/showrev");
exit(0);
}
# Deprecated.
exit(0, "The associated patch is not currently a recommended security fix.");
|