Vulnerabilities > CVE-2010-3509 - Unspecified vulnerability in Oracle Solaris 10/8/9
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Scheduler.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| OS | 3 |
Seebug
| bulletinFamily | exploit |
| description | BUGTRAQ ID: 43933 CVE ID: CVE-2010-3509 Solaris是一款由Sun开发和维护的商业UNIX操作系统。 Solaris中所运行的rpc.cmsd服务存在整数溢出漏洞,远程攻击者可以通过向该服务提交恶意RPC请求触发这个溢出,导致拒绝服务或以root用户权限执行任意代码。 Sun Solaris 9.0_x86 Sun Solaris 9.0 Sun Solaris 8.0_x86 Sun Solaris 8.0 Sun Solaris 10.0_x86 Sun Solaris 10.0 厂商补丁: Oracle ------ Oracle已经为此发布了一个安全公告(cpuoct2010)以及相应补丁: cpuoct2010:Oracle Critical Patch Update Advisory - October 2010 链接:http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html |
| id | SSV:20193 |
| last seen | 2017-11-19 |
| modified | 2010-10-26 |
| published | 2010-10-26 |
| reporter | Root |
| title | Solaris rpc.cmsd服务远程整数溢出漏洞 |