Vulnerabilities > CVE-2009-2187 - Resource Management Errors vulnerability in SUN Opensolaris and Solaris

CVSS 4.9 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

COMPLETE

local

low complexity

sun

CWE-399

NVD

Published: 2009-06-25

Updated: 2009-06-25

Summary

Multiple memory leaks in the (1) IP and (2) IPv6 multicast implementation in the kernel in Sun Solaris 10, and OpenSolaris snv_67 through snv_93, allow local users to cause a denial of service (memory consumption) via vectors related to the association of (a) DL_ENABMULTI_REQ and (b) DL_DISABMULTI_REQ messages with ARP messages.

Vulnerable Configurations

Part	Description	Count
OS	Sun SUN Opensolaris Snv_67 SUN Opensolaris Snv_68 SUN Opensolaris Snv_69 SUN Opensolaris Snv_70 SUN Opensolaris Snv_71 SUN Opensolaris Snv_72 SUN Opensolaris Snv_73 SUN Opensolaris Snv_74 SUN Opensolaris Snv_75 SUN Opensolaris Snv_76 SUN Opensolaris Snv_77 SUN Opensolaris Snv_78 SUN Opensolaris Snv_79 SUN Opensolaris Snv_80 SUN Opensolaris Snv_81 SUN Opensolaris Snv_82 SUN Opensolaris Snv_83 SUN Opensolaris Snv_84 SUN Opensolaris Snv_85 SUN Opensolaris Snv_86 SUN Opensolaris Snv_87 SUN Opensolaris Snv_88 SUN Opensolaris Snv_89 SUN Opensolaris Snv_90 SUN Opensolaris Snv_91 SUN Opensolaris Snv_92 SUN Opensolaris Snv_93 SUN Solaris 10.0	56

Common Weakness Enumeration (CWE)

CWE-399 - Resource Management Errors

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

References