Vulnerabilities > CVE-2009-3899 - Resource Management Errors vulnerability in SUN Opensolaris and Solaris
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Memory leak in the Sockets Direct Protocol (SDP) driver in Sun Solaris 10, and OpenSolaris snv_57 through snv_94, allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Nessus
NASL family Solaris Local Security Checks NASL id SOLARIS10_X86_141445.NASL description SunOS 5.10_x86: kernel patch. Date this patch was last updated by Sun : Oct/13/09 This plugin has been deprecated and either replaced with individual 141445 patch-revision plugins, or deemed non-security related. last seen 2019-02-21 modified 2018-07-30 plugin id 42142 published 2009-10-15 reporter Tenable source https://www.tenable.com/plugins/index.php?view=single&id=42142 title Solaris 10 (x86) : 141445-09 (deprecated) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # @DEPRECATED@ # # Disabled on 2018/03/12. Deprecated and either replaced by # individual patch-revision plugins, or has been deemed a # non-security advisory. # include("compat.inc"); if (description) { script_id(42142); script_version("1.13"); script_cvs_date("Date: 2019/10/25 13:36:25"); script_cve_id("CVE-2009-3706", "CVE-2009-3899"); script_name(english:"Solaris 10 (x86) : 141445-09 (deprecated)"); script_summary(english:"Check for patch 141445-09"); script_set_attribute( attribute:"synopsis", value:"This plugin has been deprecated." ); script_set_attribute( attribute:"description", value: "SunOS 5.10_x86: kernel patch. Date this patch was last updated by Sun : Oct/13/09 This plugin has been deprecated and either replaced with individual 141445 patch-revision plugins, or deemed non-security related." ); script_set_attribute( attribute:"see_also", value:"https://getupdates.oracle.com/readme/141445-09" ); script_set_attribute( attribute:"solution", value:"n/a" ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C"); script_cwe_id(399); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/o:sun:solaris"); script_set_attribute(attribute:"patch_publication_date", value:"2009/10/13"); script_set_attribute(attribute:"plugin_publication_date", value:"2009/10/15"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc."); script_family(english:"Solaris Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Solaris/showrev"); exit(0); } exit(0, "This plugin has been deprecated. Consult specific patch-revision plugins for patch 141445 instead.");
NASL family Solaris Local Security Checks NASL id SOLARIS10_141444.NASL description SunOS 5.10: kernel patch. Date this patch was last updated by Sun : Oct/13/09 This plugin has been deprecated and either replaced with individual 141444 patch-revision plugins, or deemed non-security related. last seen 2019-02-21 modified 2018-07-30 plugin id 42138 published 2009-10-15 reporter Tenable source https://www.tenable.com/plugins/index.php?view=single&id=42138 title Solaris 10 (sparc) : 141444-09 (deprecated) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # @DEPRECATED@ # # Disabled on 2018/03/12. Deprecated and either replaced by # individual patch-revision plugins, or has been deemed a # non-security advisory. # include("compat.inc"); if (description) { script_id(42138); script_version("1.14"); script_cvs_date("Date: 2019/10/25 13:36:25"); script_cve_id("CVE-2009-3706", "CVE-2009-3899"); script_name(english:"Solaris 10 (sparc) : 141444-09 (deprecated)"); script_summary(english:"Check for patch 141444-09"); script_set_attribute( attribute:"synopsis", value:"This plugin has been deprecated." ); script_set_attribute( attribute:"description", value: "SunOS 5.10: kernel patch. Date this patch was last updated by Sun : Oct/13/09 This plugin has been deprecated and either replaced with individual 141444 patch-revision plugins, or deemed non-security related." ); script_set_attribute( attribute:"see_also", value:"https://getupdates.oracle.com/readme/141444-09" ); script_set_attribute( attribute:"solution", value:"n/a" ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C"); script_cwe_id(399); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/o:sun:solaris"); script_set_attribute(attribute:"patch_publication_date", value:"2009/10/13"); script_set_attribute(attribute:"plugin_publication_date", value:"2009/10/15"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc."); script_family(english:"Solaris Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Solaris/showrev"); exit(0); } exit(0, "This plugin has been deprecated. Consult specific patch-revision plugins for patch 141444 instead.");
Oval
accepted | 2010-01-25T04:00:25.197-05:00 | ||||||||
class | vulnerability | ||||||||
contributors |
| ||||||||
definition_extensions |
| ||||||||
description | Memory leak in the Sockets Direct Protocol (SDP) driver in Sun Solaris 10, and OpenSolaris snv_57 through snv_94, allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors. | ||||||||
family | unix | ||||||||
id | oval:org.mitre.oval:def:6563 | ||||||||
status | accepted | ||||||||
submitted | 2009-12-17T14:02:00.000-05:00 | ||||||||
title | A security vulnerability in Solaris Sockets Direct Protocol (SDP) driver (sdp(7D)) may allow a local or remote unprivileged user to exhaust all kernel memory | ||||||||
version | 35 |
References
- http://securitytracker.com/id?1023124
- http://securitytracker.com/id?1023124
- http://sunsolve.sun.com/search/document.do?assetkey=1-21-141444-09-1
- http://sunsolve.sun.com/search/document.do?assetkey=1-21-141444-09-1
- http://sunsolve.sun.com/search/document.do?assetkey=1-66-264730-1
- http://sunsolve.sun.com/search/document.do?assetkey=1-66-264730-1
- http://www.securityfocus.com/bid/36904
- http://www.securityfocus.com/bid/36904
- http://www.vupen.com/english/advisories/2009/3130
- http://www.vupen.com/english/advisories/2009/3130
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6563
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6563