Vulnerabilities > CVE-2011-0800 - Local vulnerability in Oracle Sun Solaris

047910
CVSS 6.5 - MEDIUM
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
MULTIPLE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
local
low complexity
sun
nessus

Summary

Unspecified vulnerability in the Solaris component in Oracle Solaris 8, 9, 10, and 11 Express allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Administration Utilities.

Vulnerable Configurations

Part Description Count
OS
Sun
4

Nessus

  • NASL familySolaris Local Security Checks
    NASL idSOLARIS9_X86_116015.NASL
    descriptionSunOS 5.9_x86: /usr/sbin/usermod patch. Date this patch was last updated by Sun : Mar/18/11
    last seen2020-06-01
    modified2020-06-02
    plugin id52733
    published2011-03-21
    reporterThis script is Copyright (C) 2011-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/52733
    titleSolaris 9 (x86) : 116015-06
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text in this plugin was
    # extracted from the Oracle SunOS Patch Updates.
    #
    include("compat.inc");
    
    if (description)
    {
      script_id(52733);
      script_version("1.8");
      script_cvs_date("Date: 2019/10/25 13:36:27");
    
      script_cve_id("CVE-2011-0800");
    
      script_name(english:"Solaris 9 (x86) : 116015-06");
      script_summary(english:"Check for patch 116015-06");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote host is missing Sun Security Patch number 116015-06"
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "SunOS 5.9_x86: /usr/sbin/usermod patch.
    Date this patch was last updated by Sun : Mar/18/11"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://getupdates.oracle.com/readme/116015-06"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"You should install this patch for your system to be up-to-date."
      );
      script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:M/C:C/I:C/A:C");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:sun:solaris");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2011/03/18");
      script_set_attribute(attribute:"plugin_publication_date", value:"2011/03/21");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2011-2019 Tenable Network Security, Inc.");
      script_family(english:"Solaris Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/Solaris/showrev");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("solaris.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    
    if (solaris_check_patch(release:"5.9_x86", arch:"i386", patch:"116015-06", obsoleted_by:"", package:"SUNWcsu", version:"11.9.0,REV=2002.11.04.02.51") < 0) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:solaris_get_report());
      else security_warning(0);
      exit(0);
    }
    audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familySolaris Local Security Checks
    NASL idSOLARIS10_X86_145125-02.NASL
    descriptionSunOS 5.10_x86: usermgmt patch. Date this patch was last updated by Sun : Feb/03/11
    last seen2020-06-01
    modified2020-06-02
    plugin id108072
    published2018-03-12
    reporterThis script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/108072
    titleSolaris 10 (x86) : 145125-02
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text in this plugin was
    # extracted from the Oracle SunOS Patch Updates.
    #
    include("compat.inc");
    
    if (description)
    {
      script_id(108072);
      script_version("1.5");
      script_cvs_date("Date: 2019/10/25 13:36:27");
    
      script_cve_id("CVE-2011-0800");
    
      script_name(english:"Solaris 10 (x86) : 145125-02");
      script_summary(english:"Check for patch 145125-02");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote host is missing Sun Security Patch number 145125-02"
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "SunOS 5.10_x86: usermgmt patch.
    Date this patch was last updated by Sun : Feb/03/11"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://getupdates.oracle.com/readme/145125-02"
      );
      script_set_attribute(attribute:"solution", value:"Install patch 145125-02");
      script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:M/C:C/I:C/A:C");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:solaris:10:138080");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:solaris:10:138090");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:solaris:10:145125");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:solaris:10");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2011/02/03");
      script_set_attribute(attribute:"plugin_publication_date", value:"2018/03/12");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Solaris Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/Solaris/showrev");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("misc_func.inc");
    include("solaris.inc");
    
    showrev = get_kb_item("Host/Solaris/showrev");
    if (empty_or_null(showrev)) audit(AUDIT_OS_NOT, "Solaris");
    os_ver = pregmatch(pattern:"Release: (\d+.(\d+))", string:showrev);
    if (empty_or_null(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Solaris");
    full_ver = os_ver[1];
    os_level = os_ver[2];
    if (full_ver != "5.10") audit(AUDIT_OS_NOT, "Solaris 10", "Solaris " + os_level);
    package_arch = pregmatch(pattern:"Application architecture: (\w+)", string:showrev);
    if (empty_or_null(package_arch)) audit(AUDIT_UNKNOWN_ARCH);
    package_arch = package_arch[1];
    if (package_arch != "i386") audit(AUDIT_ARCH_NOT, "i386", package_arch);
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    
    if (solaris_check_patch(release:"5.10_x86", arch:"i386", patch:"145125-02", obsoleted_by:"144501-19 ", package:"SUNWcsu", version:"11.10.0,REV=2005.01.21.16.34") < 0) flag++;
    
    if (flag) {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_WARNING,
        extra      : solaris_get_report()
      );
    } else {
      patch_fix = solaris_patch_fix_get();
      if (!empty_or_null(patch_fix)) audit(AUDIT_PATCH_INSTALLED, patch_fix, "Solaris 10");
      tested = solaris_pkg_tests_get();
      if (!empty_or_null(tested)) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      audit(AUDIT_PACKAGE_NOT_INSTALLED, "SUNWcsu");
    }
    
  • NASL familySolaris Local Security Checks
    NASL idSOLARIS9_116014.NASL
    descriptionSunOS 5.9: /usr/sbin/usermod patch. Date this patch was last updated by Sun : Mar/18/11
    last seen2020-06-01
    modified2020-06-02
    plugin id52731
    published2011-03-21
    reporterThis script is Copyright (C) 2011-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/52731
    titleSolaris 9 (sparc) : 116014-07
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text in this plugin was
    # extracted from the Oracle SunOS Patch Updates.
    #
    include("compat.inc");
    
    if (description)
    {
      script_id(52731);
      script_version("1.7");
      script_cvs_date("Date: 2019/10/25 13:36:27");
    
      script_cve_id("CVE-2011-0800");
    
      script_name(english:"Solaris 9 (sparc) : 116014-07");
      script_summary(english:"Check for patch 116014-07");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote host is missing Sun Security Patch number 116014-07"
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "SunOS 5.9: /usr/sbin/usermod patch.
    Date this patch was last updated by Sun : Mar/18/11"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://getupdates.oracle.com/readme/116014-07"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"You should install this patch for your system to be up-to-date."
      );
      script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:M/C:C/I:C/A:C");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:sun:solaris");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2011/03/18");
      script_set_attribute(attribute:"plugin_publication_date", value:"2011/03/21");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2011-2019 Tenable Network Security, Inc.");
      script_family(english:"Solaris Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/Solaris/showrev");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("solaris.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    
    if (solaris_check_patch(release:"5.9", arch:"sparc", patch:"116014-07", obsoleted_by:"", package:"SUNWcsu", version:"11.9.0,REV=2002.04.06.15.27") < 0) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:solaris_get_report());
      else security_warning(0);
      exit(0);
    }
    audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familySolaris Local Security Checks
    NASL idSOLARIS10_145124-02.NASL
    descriptionSunOS 5.10: usermgmt patch. Date this patch was last updated by Sun : Jan/27/11
    last seen2020-06-01
    modified2020-06-02
    plugin id107578
    published2018-03-12
    reporterThis script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/107578
    titleSolaris 10 (sparc) : 145124-02