Vulnerabilities > CVE-2009-2912 - Local Denial Of Service vulnerability in SUN Opensolaris and Solaris
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
COMPLETE Summary
The (1) sendfile and (2) sendfilev functions in Sun Solaris 8 through 10, and OpenSolaris before snv_110, allow local users to cause a denial of service (panic) via vectors related to vnode function calls.
Vulnerable Configurations
Nessus
NASL family Solaris Local Security Checks NASL id SOLARIS9_122300.NASL description SunOS 5.9: Kernel Patch. Date this patch was last updated by Sun : Nov/03/11 last seen 2020-06-01 modified 2020-06-02 plugin id 24858 published 2007-03-18 reporter This script is Copyright (C) 2007-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/24858 title Solaris 9 (sparc) : 122300-61 NASL family Solaris Local Security Checks NASL id SOLARIS8_X86_127722.NASL description SunOS 5.8_x86: kernel patch. Date this patch was last updated by Sun : Apr/11/11 last seen 2016-09-26 modified 2012-06-14 plugin id 40612 published 2009-08-18 reporter Tenable source https://www.tenable.com/plugins/index.php?view=single&id=40612 title Solaris 8 (x86) : 127722-05 NASL family Solaris Local Security Checks NASL id SOLARIS8_127721.NASL description SunOS 5.8: kernel patch. Date this patch was last updated by Sun : Apr/11/11 last seen 2016-09-26 modified 2012-06-14 plugin id 40611 published 2009-08-18 reporter Tenable source https://www.tenable.com/plugins/index.php?view=single&id=40611 title Solaris 8 (sparc) : 127721-06 NASL family Solaris Local Security Checks NASL id SOLARIS9_X86_122301.NASL description SunOS 5.9_x86: Kernel Patch. Date this patch was last updated by Sun : Nov/03/11 last seen 2020-06-01 modified 2020-06-02 plugin id 24861 published 2007-03-18 reporter This script is Copyright (C) 2007-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/24861 title Solaris 9 (x86) : 122301-61
Oval
accepted | 2009-09-28T04:00:07.402-04:00 | ||||||||||||||||||||||||
class | vulnerability | ||||||||||||||||||||||||
contributors |
| ||||||||||||||||||||||||
definition_extensions |
| ||||||||||||||||||||||||
description | The (1) sendfile and (2) sendfilev functions in Sun Solaris 8 through 10, and OpenSolaris before snv_110, allow local users to cause a denial of service (panic) via vectors related to vnode function calls. | ||||||||||||||||||||||||
family | unix | ||||||||||||||||||||||||
id | oval:org.mitre.oval:def:5692 | ||||||||||||||||||||||||
status | accepted | ||||||||||||||||||||||||
submitted | 2009-08-21T11:07:35.000-04:00 | ||||||||||||||||||||||||
title | Security Vulnerability in the Solaris sendfile(3EXT) and sendfilev(3EXT) Extended Library Functions may Result in a Denial of Service (DoS) Condition due to a System Panic | ||||||||||||||||||||||||
version | 37 |
References
- http://secunia.com/advisories/36400
- http://sunsolve.sun.com/search/document.do?assetkey=1-21-127721-02-1
- http://sunsolve.sun.com/search/document.do?assetkey=1-66-258588-1
- http://sunsolve.sun.com/search/document.do?assetkey=1-77-1020445.1-1
- http://www.securityfocus.com/bid/36083
- http://www.vupen.com/english/advisories/2009/2316
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5692