Vulnerabilities > CVE-2009-2491 - Unspecified vulnerability in SUN RAY Server Software 4.0

047910
CVSS 4.4 - MEDIUM
Attack vector
LOCAL
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
local
sun
nessus
NVD
Published: 2009-07-16
Updated: 2017-08-17

Summary

The utaudiod daemon in Sun Ray Server Software (SRSS) 4.0, when Solaris Trusted Extensions is enabled, allows local users to access the sessions of arbitrary users via unknown vectors related to "resource leaks."

Vulnerable Configurations

Part Description Count
Application
Sun
3

Nessus

NASL familySolaris Local Security Checks
NASL idSOLARIS10_127553.NASL
descriptionSun Ray Core Services version 4.0 Patch Update. Date this patch was last updated by Sun : Feb/24/10 This plugin has been deprecated and either replaced with individual 127553 patch-revision plugins, or deemed non-security related.
last seen2019-02-21
modified2018-07-30
plugin id35194
published2008-12-17
reporterTenable
sourcehttps://www.tenable.com/plugins/index.php?view=single&id=35194
titleSolaris 10 (sparc) : 127553-08 (deprecated)
code
#%NASL_MIN_LEVEL 80502

#
# (C) Tenable Network Security, Inc.
#
# @DEPRECATED@
#
# Disabled on 2018/03/12. Deprecated and either replaced by
# individual patch-revision plugins, or has been deemed a
# non-security advisory.
#
include("compat.inc");

if (description)
{
  script_id(35194);
  script_version("1.15");
  script_cvs_date("Date: 2019/10/25 13:36:26");

  script_cve_id("CVE-2008-5422", "CVE-2008-5423", "CVE-2009-2489", "CVE-2009-2490", "CVE-2009-2491", "CVE-2009-4294", "CVE-2009-4295");

  script_name(english:"Solaris 10 (sparc) : 127553-08 (deprecated)");
  script_summary(english:"Check for patch 127553-08");

  script_set_attribute(
    attribute:"synopsis", 
    value:"This plugin has been deprecated."
  );
  script_set_attribute(
    attribute:"description",
    value:
"Sun Ray Core Services version 4.0 Patch Update.
Date this patch was last updated by Sun : Feb/24/10

This plugin has been deprecated and either replaced with individual
127553 patch-revision plugins, or deemed non-security related."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://getupdates.oracle.com/readme/127553-08"
  );
  script_set_attribute(
    attribute:"solution", 
    value:"n/a"
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_cwe_id(200, 264, 310);

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:sun:solaris");

  script_set_attribute(attribute:"patch_publication_date", value:"2010/02/24");
  script_set_attribute(attribute:"plugin_publication_date", value:"2008/12/17");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2008-2019 Tenable Network Security, Inc.");
  script_family(english:"Solaris Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/Solaris/showrev");

  exit(0);
}

exit(0, "This plugin has been deprecated. Consult specific patch-revision plugins for patch 127553 instead.");

References