Vulnerabilities > CVE-2009-2488 - Unspecified vulnerability in SUN Opensolaris and Solaris

047910
CVSS 4.9 - MEDIUM
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
COMPLETE
local
low complexity
sun
nessus
NVD
Published: 2009-07-16
Updated: 2017-09-19

Summary

Unspecified vulnerability in the NFSv4 module in the kernel in Sun Solaris 10, and OpenSolaris snv_102 through snv_119, allows local users to cause a denial of service (client panic) via vectors involving "file operations."

Vulnerable Configurations

Part Description Count
OS
Sun
38

Nessus

NASL familySolaris Local Security Checks
NASL idSOLARIS10_141733.NASL
descriptionSunOS 5.10: klmmod patch. Date this patch was last updated by Sun : Jul/24/09
last seen2018-09-01
modified2018-08-13
plugin id39762
published2009-07-09
reporterTenable
sourcehttps://www.tenable.com/plugins/index.php?view=single&id=39762
titleSolaris 10 (sparc) : 141733-04
code
#%NASL_MIN_LEVEL 80502

# @DEPRECATED@
#
# This script has been deprecated as the associated patch is not
# currently a recommended security fix.
#
# Disabled on 2011/09/17.

#
# (C) Tenable Network Security, Inc.
#
#

if ( ! defined_func("bn_random") ) exit(0);
include("compat.inc");

if(description)
{
 script_id(39762);
 script_version("1.15");

 script_name(english: "Solaris 10 (sparc) : 141733-04");
 script_cve_id("CVE-2009-2488");
 script_set_attribute(attribute: "synopsis", value:
"The remote host is missing Sun Security Patch number 141733-04");
 script_set_attribute(attribute: "description", value:
'SunOS 5.10: klmmod patch.
Date this patch was last updated by Sun : Jul/24/09');
 script_set_attribute(attribute: "solution", value:
"You should install this patch for your system to be up-to-date.");
 script_set_attribute(attribute: "see_also", value:
"https://getupdates.oracle.com/readme/141733-04");
 script_set_attribute(attribute: "cvss_vector", value: "CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C");
 script_set_attribute(attribute:"plugin_publication_date", value: "2009/07/09");
 script_cvs_date("Date: 2019/10/25 13:36:25");
 script_end_attributes();

 script_summary(english: "Check for patch 141733-04");
 script_category(ACT_GATHER_INFO);
 script_copyright(english:"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.");
 family["english"] = "Solaris Local Security Checks";
 script_family(english:family["english"]);
 
 script_dependencies("ssh_get_info.nasl");
 script_require_keys("Host/Solaris/showrev");
 exit(0);
}



# Deprecated.
exit(0, "The associated patch is not currently a recommended security fix.");

Oval

accepted2009-09-21T04:00:04.218-04:00
classvulnerability
contributors
nameAharon Chernin
organizationDTCC
definition_extensions
  • commentSolaris 10 (x86) is installed
    ovaloval:org.mitre.oval:def:1926
  • commentSolaris 10 (SPARC) is installed
    ovaloval:org.mitre.oval:def:1440
descriptionUnspecified vulnerability in the NFSv4 module in the kernel in Sun Solaris 10, and OpenSolaris snv_102 through snv_119, allows local users to cause a denial of service (client panic) via vectors involving "file operations."
familyunix
idoval:org.mitre.oval:def:5586
statusaccepted
submitted2009-08-09T17:59:08-04:00
titleUnspecified vulnerability in the NFSv4 module in the kernel in Sun Solaris 10."
version35

References