Vulnerabilities > CVE-2009-3899 - Resource Management Errors vulnerability in SUN Opensolaris and Solaris

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
sun
CWE-399
nessus

Summary

Memory leak in the Sockets Direct Protocol (SDP) driver in Sun Solaris 10, and OpenSolaris snv_57 through snv_94, allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors.

Common Weakness Enumeration (CWE)

Nessus

  • NASL familySolaris Local Security Checks
    NASL idSOLARIS10_X86_141445.NASL
    descriptionSunOS 5.10_x86: kernel patch. Date this patch was last updated by Sun : Oct/13/09 This plugin has been deprecated and either replaced with individual 141445 patch-revision plugins, or deemed non-security related.
    last seen2019-02-21
    modified2018-07-30
    plugin id42142
    published2009-10-15
    reporterTenable
    sourcehttps://www.tenable.com/plugins/index.php?view=single&id=42142
    titleSolaris 10 (x86) : 141445-09 (deprecated)
    code
    #%NASL_MIN_LEVEL 80502
    
    #
    # (C) Tenable Network Security, Inc.
    #
    # @DEPRECATED@
    #
    # Disabled on 2018/03/12. Deprecated and either replaced by
    # individual patch-revision plugins, or has been deemed a
    # non-security advisory.
    #
    include("compat.inc");
    
    if (description)
    {
      script_id(42142);
      script_version("1.13");
      script_cvs_date("Date: 2019/10/25 13:36:25");
    
      script_cve_id("CVE-2009-3706", "CVE-2009-3899");
    
      script_name(english:"Solaris 10 (x86) : 141445-09 (deprecated)");
      script_summary(english:"Check for patch 141445-09");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"This plugin has been deprecated."
      );
      script_set_attribute(
        attribute:"description",
        value:
    "SunOS 5.10_x86: kernel patch.
    Date this patch was last updated by Sun : Oct/13/09
    
    This plugin has been deprecated and either replaced with individual
    141445 patch-revision plugins, or deemed non-security related."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://getupdates.oracle.com/readme/141445-09"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"n/a"
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C");
      script_cwe_id(399);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:sun:solaris");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2009/10/13");
      script_set_attribute(attribute:"plugin_publication_date", value:"2009/10/15");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.");
      script_family(english:"Solaris Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/Solaris/showrev");
    
      exit(0);
    }
    
    exit(0, "This plugin has been deprecated. Consult specific patch-revision plugins for patch 141445 instead.");
    
  • NASL familySolaris Local Security Checks
    NASL idSOLARIS10_141444.NASL
    descriptionSunOS 5.10: kernel patch. Date this patch was last updated by Sun : Oct/13/09 This plugin has been deprecated and either replaced with individual 141444 patch-revision plugins, or deemed non-security related.
    last seen2019-02-21
    modified2018-07-30
    plugin id42138
    published2009-10-15
    reporterTenable
    sourcehttps://www.tenable.com/plugins/index.php?view=single&id=42138
    titleSolaris 10 (sparc) : 141444-09 (deprecated)
    code
    #%NASL_MIN_LEVEL 80502
    
    #
    # (C) Tenable Network Security, Inc.
    #
    # @DEPRECATED@
    #
    # Disabled on 2018/03/12. Deprecated and either replaced by
    # individual patch-revision plugins, or has been deemed a
    # non-security advisory.
    #
    include("compat.inc");
    
    if (description)
    {
      script_id(42138);
      script_version("1.14");
      script_cvs_date("Date: 2019/10/25 13:36:25");
    
      script_cve_id("CVE-2009-3706", "CVE-2009-3899");
    
      script_name(english:"Solaris 10 (sparc) : 141444-09 (deprecated)");
      script_summary(english:"Check for patch 141444-09");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"This plugin has been deprecated."
      );
      script_set_attribute(
        attribute:"description",
        value:
    "SunOS 5.10: kernel patch.
    Date this patch was last updated by Sun : Oct/13/09
    
    This plugin has been deprecated and either replaced with individual
    141444 patch-revision plugins, or deemed non-security related."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://getupdates.oracle.com/readme/141444-09"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"n/a"
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C");
      script_cwe_id(399);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:sun:solaris");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2009/10/13");
      script_set_attribute(attribute:"plugin_publication_date", value:"2009/10/15");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.");
      script_family(english:"Solaris Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/Solaris/showrev");
    
      exit(0);
    }
    
    exit(0, "This plugin has been deprecated. Consult specific patch-revision plugins for patch 141444 instead.");
    

Oval

accepted2010-01-25T04:00:25.197-05:00
classvulnerability
contributors
namePai Peng
organizationHewlett-Packard
definition_extensions
  • commentSolaris 10 (SPARC) is installed
    ovaloval:org.mitre.oval:def:1440
  • commentSolaris 10 (x86) is installed
    ovaloval:org.mitre.oval:def:1926
descriptionMemory leak in the Sockets Direct Protocol (SDP) driver in Sun Solaris 10, and OpenSolaris snv_57 through snv_94, allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors.
familyunix
idoval:org.mitre.oval:def:6563
statusaccepted
submitted2009-12-17T14:02:00.000-05:00
titleA security vulnerability in Solaris Sockets Direct Protocol (SDP) driver (sdp(7D)) may allow a local or remote unprivileged user to exhaust all kernel memory
version35