CVE-2009-2972 - Resource Management Errors vulnerability in SUN Solaris 8/9
Attack vector | NETWORK |
Attack complexity | LOW |
Privileges required | NONE |
Confidentiality impact | NONE |
Integrity impact | NONE |
Availability impact | COMPLETE |
Summary
in.lpd in the print service in Sun Solaris 8 and 9 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors that trigger a "fork()/exec() bomb."
Vulnerable Configurations
Part | Description | Count |
---|---|---|
OS | 4 |
Common Weakness Enumeration (CWE)
Nessus
NASL family | Solaris Local Security Checks |
NASL id | SOLARIS9_X86_114980.NASL |
description | SunOS 5.9_x86: lp Patch. Date this patch was last updated by Sun : Nov/30/10 |
last seen | 2016-09-26 |
modified | 2015-01-15 |
plugin id | 13619 |
published | 2004-07-12 |
reporter | Tenable |
source | https://www.tenable.com/plugins/index.php?view=single&id=13619 |
title | Solaris 9 (x86) : 114980-31 |
code |

```
#%NASL_MIN_LEVEL 999999

# @DEPRECATED@
#
# This script has been deprecated as the associated patch is not
# currently a recommended security fix.
#
# Disabled on 2011/09/17.
#
# (C) Tenable Network Security, Inc.
#
#

if ( ! defined_func("bn_random") ) exit(0);
include("compat.inc");

if(description)
{
 script_id(13619);
 script_version("1.46");

 script_name(english: "Solaris 9 (x86) : 114980-31");
 script_cve_id("CVE-2005-2032", "CVE-2005-4797", "CVE-2009-2972");
 script_set_attribute(attribute: "synopsis", value:
"The remote host is missing Sun Security Patch number 114980-31");
 script_set_attribute(attribute: "description", value:
'SunOS 5.9_x86: lp Patch.
Date this patch was last updated by Sun : Nov/30/10');
 script_set_attribute(attribute: "solution", value:
"You should install this patch for your system to be up-to-date.");
 script_set_attribute(attribute: "see_also", value:
"https://getupdates.oracle.com/readme/114980-31");
 script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C");
 script_cwe_id(399);
 script_set_attribute(attribute:"plugin_publication_date", value: "2004/07/12");
 script_cvs_date("Date: 2018/08/13 14:32:38");
 script_set_attribute(attribute:"vuln_publication_date", value: "2005/06/15");
 script_end_attributes();

 script_summary(english: "Check for patch 114980-31");
 script_category(ACT_GATHER_INFO);
 script_copyright(english:"This script is Copyright (C) 2004-2018 Tenable Network Security, Inc.");
 family["english"] = "Solaris Local Security Checks";
 script_family(english:family["english"]);

 script_dependencies("ssh_get_info.nasl");
 script_require_keys("Host/Solaris/showrev");
 exit(0);
}

# Deprecated.
exit(0, "The associated patch is not currently a recommended security fix.");

include("solaris.inc");

e += solaris_check_patch(release:"5.9_x86", arch:"i386", patch:"114980-31", obsoleted_by:"114423-09 ", package:"SUNWcsr", version:"11.9.0,REV=2002.11.04.02.51");
e += solaris_check_patch(release:"5.9_x86", arch:"i386", patch:"114980-31", obsoleted_by:"114423-09 ", package:"SUNWpcu", version:"13.1,REV=2002.11.04.02.51");
e += solaris_check_patch(release:"5.9_x86", arch:"i386", patch:"114980-31", obsoleted_by:"114423-09 ", package:"SUNWppm", version:"11.9.0,REV=2002.11.04.02.51");
e += solaris_check_patch(release:"5.9_x86", arch:"i386", patch:"114980-31", obsoleted_by:"114423-09 ", package:"SUNWpsf", version:"13.1,REV=2002.11.04.02.51");
e += solaris_check_patch(release:"5.9_x86", arch:"i386", patch:"114980-31", obsoleted_by:"114423-09 ", package:"SUNWpsr", version:"13.1,REV=2002.11.04.02.51");
e += solaris_check_patch(release:"5.9_x86", arch:"i386", patch:"114980-31", obsoleted_by:"114423-09 ", package:"SUNWpsu", version:"13.1,REV=2002.11.04.02.51");
e += solaris_check_patch(release:"5.9_x86", arch:"i386", patch:"114980-31", obsoleted_by:"114423-09 ", package:"SUNWscplp", version:"13.1,REV=2002.11.04.02.51");

if ( e < 0 ) {
	if ( NASL_LEVEL < 3000 )
	   security_hole(0);
	else
	   security_hole(port:0, extra:solaris_get_report());
	exit(0);
}
exit(0, "Host is not affected");
```
NASL family | Solaris Local Security Checks |
NASL id | SOLARIS8_109320.NASL |
description | SunOS 5.8: lp patch. Date this patch was last updated by Sun : Nov/07/08 |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 13319 |
published | 2004-07-12 |
reporter | This script is Copyright (C) 2004-2019 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/13319 |
title | Solaris 8 (sparc) : 109320-22 |

NASL family | Solaris Local Security Checks |
NASL id | SOLARIS8_X86_109321.NASL |
description | SunOS 5.8_x86: lp patch. Date this patch was last updated by Sun : Nov/07/08 |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 13427 |
published | 2004-07-12 |
reporter | This script is Copyright (C) 2004-2019 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/13427 |
title | Solaris 8 (x86) : 109321-22 |
Oval
accepted | 2009-10-05T04:00:05.585-04:00 |
class | vulnerability |
contributors | |
definition_extensions | |
description | in.lpd in the print service in Sun Solaris 8 and 9 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors that trigger a "fork()/exec() bomb." |
family | unix |
id | oval:org.mitre.oval:def:6225 |
status | accepted |
submitted | 2009-08-28T12:11:40.000-04:00 |
title | A Security Vulnerability in the Solaris Print Service (in.lpd(1M)) May Lead to a Denial of Service (DoS) Condition |
version | 36 |
References
- http://secunia.com/advisories/36445
- http://sunsolve.sun.com/search/document.do?assetkey=1-21-109320-23-1
- http://sunsolve.sun.com/search/document.do?assetkey=1-66-264608-1
- http://www.securityfocus.com/bid/36148
- http://www.vupen.com/english/advisories/2009/2417
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6225