Vulnerabilities > CVE-2012-1683 - Local Solaris vulnerability in Oracle Sun Products Suite

047910
CVSS 5.9 - MEDIUM
Attack vector
LOCAL
Attack complexity
HIGH
Privileges required
MULTIPLE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
local
high complexity
sun
nessus

Summary

Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to gssd.

Vulnerable Configurations

Part Description Count
OS
Sun
4

Nessus

  • NASL familySolaris Local Security Checks
    NASL idSOLARIS9_112908.NASL
    descriptionSunOS 5.9: krb5, gss patch. Date this patch was last updated by Sun : Sep/14/10
    last seen2020-06-01
    modified2020-06-02
    plugin id13520
    published2004-07-12
    reporterThis script is Copyright (C) 2004-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/13520
    titleSolaris 9 (sparc) : 112908-38
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text in this plugin was
    # extracted from the Oracle SunOS Patch Updates.
    #
    include("compat.inc");
    
    if (description)
    {
      script_id(13520);
      script_version("1.56");
      script_cvs_date("Date: 2019/10/25 13:36:26");
    
      script_cve_id("CVE-2004-0523", "CVE-2004-0653", "CVE-2005-1689", "CVE-2006-6144", "CVE-2008-5690", "CVE-2009-0360", "CVE-2009-0361", "CVE-2009-1933", "CVE-2012-1683");
    
      script_name(english:"Solaris 9 (sparc) : 112908-38");
      script_summary(english:"Check for patch 112908-38");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote host is missing Sun Security Patch number 112908-38"
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "SunOS 5.9: krb5, gss patch.
    Date this patch was last updated by Sun : Sep/14/10"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://getupdates.oracle.com/readme/112908-38"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"You should install this patch for your system to be up-to-date."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_cwe_id(119, 255, 264, 287);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:sun:solaris");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2010/09/14");
      script_set_attribute(attribute:"plugin_publication_date", value:"2004/07/12");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2004-2019 Tenable Network Security, Inc.");
      script_family(english:"Solaris Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/Solaris/showrev");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("solaris.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    
    if (solaris_check_patch(release:"5.9", arch:"sparc", patch:"112908-38", obsoleted_by:"", package:"SUNWcstlx", version:"11.9.0,REV=2002.04.06.15.27") < 0) flag++;
    if (solaris_check_patch(release:"5.9", arch:"sparc", patch:"112908-38", obsoleted_by:"", package:"SUNWhea", version:"11.9.0,REV=2002.04.06.15.27") < 0) flag++;
    if (solaris_check_patch(release:"5.9", arch:"sparc", patch:"112908-38", obsoleted_by:"", package:"SUNWgssx", version:"11.9.0,REV=2002.04.06.15.27") < 0) flag++;
    if (solaris_check_patch(release:"5.9", arch:"sparc", patch:"112908-38", obsoleted_by:"", package:"SUNWcstl", version:"11.9.0,REV=2002.04.06.15.27") < 0) flag++;
    if (solaris_check_patch(release:"5.9", arch:"sparc", patch:"112908-38", obsoleted_by:"", package:"SUNWcar", version:"11.9.0,REV=2002.04.09.12.25") < 0) flag++;
    if (solaris_check_patch(release:"5.9", arch:"sparc", patch:"112908-38", obsoleted_by:"", package:"SUNWkrbr", version:"11.9.0,REV=2002.04.06.15.27") < 0) flag++;
    if (solaris_check_patch(release:"5.9", arch:"sparc", patch:"112908-38", obsoleted_by:"", package:"SUNWcarx", version:"11.9.0,REV=2002.04.09.12.25") < 0) flag++;
    if (solaris_check_patch(release:"5.9", arch:"sparc", patch:"112908-38", obsoleted_by:"", package:"SUNWkrbux", version:"11.9.0,REV=2002.04.06.15.27") < 0) flag++;
    if (solaris_check_patch(release:"5.9", arch:"sparc", patch:"112908-38", obsoleted_by:"", package:"SUNWkrbu", version:"11.9.0,REV=2002.04.06.15.27") < 0) flag++;
    if (solaris_check_patch(release:"5.9", arch:"sparc", patch:"112908-38", obsoleted_by:"", package:"SUNWgss", version:"11.9.0,REV=2002.04.06.15.27") < 0) flag++;
    if (solaris_check_patch(release:"5.9", arch:"sparc", patch:"112908-38", obsoleted_by:"", package:"SUNWgsskx", version:"11.9.0,REV=2002.04.06.15.27") < 0) flag++;
    if (solaris_check_patch(release:"5.9", arch:"sparc", patch:"112908-38", obsoleted_by:"", package:"SUNWgssk", version:"11.9.0,REV=2002.04.06.15.27") < 0) flag++;
    if (solaris_check_patch(release:"5.9", arch:"sparc", patch:"112908-38", obsoleted_by:"", package:"SUNWcsr", version:"11.9.0,REV=2002.04.06.15.27") < 0) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:solaris_get_report());
      else security_hole(0);
      exit(0);
    }
    audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familySolaris Local Security Checks
    NASL idSOLARIS_APR2012_SRU4.NASL
    descriptionThis Solaris system is missing necessary patches to address critical security updates : - Vulnerability in the Solaris component of Oracle Sun Products Suite (subcomponent: gssd(1M)). Supported versions that are affected are 8, 9, 10 and 11. Very difficult to exploit vulnerability requiring logon to Operating System plus additional, multiple logins to components. Successful attack of this vulnerability can escalate attacker privileges resulting in unauthorized Operating System takeover including arbitrary code execution. (CVE-2012-1683) - Vulnerability in the Solaris component of Oracle Sun Products Suite (subcomponent: Kernel/Privileges). The supported version that is affected is 11. Difficult to exploit vulnerability requiring logon to Operating System plus additional login/authentication to component or subcomponent. Successful attack of this vulnerability can escalate attacker privileges resulting in unauthorized Operating System takeover including arbitrary code execution. (CVE-2012-1691) - Vulnerability in the Solaris component of Oracle Sun Products Suite (subcomponent: Kernel/GLD(7D)). The supported version that is affected is 11. Very difficult to exploit vulnerability allows successful authenticated network attacks via TCP/IP. Successful attack of this vulnerability can result in unauthorized read access to a subset of Solaris accessible data. (CVE-2012-1698)
    last seen2020-06-01
    modified2020-06-02
    plugin id76801
    published2014-07-26
    reporterThis script is Copyright (C) 2014-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/76801
    titleOracle Solaris Critical Patch Update : apr2012_SRU4
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from the Oracle CPU for apr2012.
    #
    include("compat.inc");
    
    if (description)
    {
      script_id(76801);
      script_version("1.6");
      script_cvs_date("Date: 2018/11/14 14:36:23");
    
      script_cve_id("CVE-2012-1683", "CVE-2012-1691", "CVE-2012-1698");
      script_bugtraq_id(53128, 53130, 53137);
    
      script_name(english:"Oracle Solaris Critical Patch Update : apr2012_SRU4");
      script_summary(english:"Check for the apr2012 CPU");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Solaris system is missing a security patch from CPU
    apr2012."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "This Solaris system is missing necessary patches to address critical
    security updates :
    
      - Vulnerability in the Solaris component of Oracle Sun
        Products Suite (subcomponent: gssd(1M)). Supported
        versions that are affected are 8, 9, 10 and 11. Very
        difficult to exploit vulnerability requiring logon to
        Operating System plus additional, multiple logins to
        components. Successful attack of this vulnerability can
        escalate attacker privileges resulting in unauthorized
        Operating System takeover including arbitrary code
        execution. (CVE-2012-1683)
    
      - Vulnerability in the Solaris component of Oracle Sun
        Products Suite (subcomponent: Kernel/Privileges). The
        supported version that is affected is 11. Difficult to
        exploit vulnerability requiring logon to Operating
        System plus additional login/authentication to component
        or subcomponent. Successful attack of this vulnerability
        can escalate attacker privileges resulting in
        unauthorized Operating System takeover including
        arbitrary code execution. (CVE-2012-1691)
    
      - Vulnerability in the Solaris component of Oracle Sun
        Products Suite (subcomponent: Kernel/GLD(7D)). The
        supported version that is affected is 11. Very difficult
        to exploit vulnerability allows successful authenticated
        network attacks via TCP/IP. Successful attack of this
        vulnerability can result in unauthorized read access to
        a subset of Solaris accessible data. (CVE-2012-1698)"
      );
      # http://support.oracle.com/CSP/main/article?cmd=show&type=NOT&id=1446032.1
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?75401354"
      );
      # https://www.oracle.com/ocom/groups/public/@otn/documents/webcontent/1690959.xml
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?7ef6c355"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Install the apr2012 CPU from the Oracle support website."
      );
      script_set_cvss_base_vector("CVSS2#AV:L/AC:M/Au:S/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:solaris:11.0");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2012/04/17");
      script_set_attribute(attribute:"plugin_publication_date", value:"2014/07/26");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2014-2018 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Solaris Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/Solaris11/release");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("solaris.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/Solaris11/release");
    if (isnull(release)) audit(AUDIT_OS_NOT, "Solaris11");
    
    
    fix_release = "0.5.11-0.175.0.4.0.5.0";
    
    flag = 0;
    
    if (solaris_check_release(release:"0.5.11-0.175.0.4.0.5.0", sru:"11/11 SRU 4") > 0) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:solaris_get_report2());
      else security_warning(0);
      exit(0);
    }
    audit(AUDIT_OS_RELEASE_NOT, "Solaris", fix_release, release);
    
  • NASL familySolaris Local Security Checks
    NASL idSOLARIS9_X86_115168.NASL
    descriptionSunOS 5.9_x86: krb5, gss patch. Date this patch was last updated by Sun : Sep/14/10
    last seen2020-06-01
    modified2020-06-02
    plugin id13620
    published2004-07-12
    reporterThis script is Copyright (C) 2004-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/13620
    titleSolaris 9 (x86) : 115168-24
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text in this plugin was
    # extracted from the Oracle SunOS Patch Updates.
    #
    include("compat.inc");
    
    if (description)
    {
      script_id(13620);
      script_version("1.46");
      script_cvs_date("Date: 2019/10/25 13:36:26");
    
      script_cve_id("CVE-2004-0523", "CVE-2004-0653", "CVE-2005-1689", "CVE-2006-6144", "CVE-2008-5690", "CVE-2009-0360", "CVE-2009-0361", "CVE-2009-1933", "CVE-2012-1683");
    
      script_name(english:"Solaris 9 (x86) : 115168-24");
      script_summary(english:"Check for patch 115168-24");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote host is missing Sun Security Patch number 115168-24"
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "SunOS 5.9_x86: krb5, gss patch.
    Date this patch was last updated by Sun : Sep/14/10"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://getupdates.oracle.com/readme/115168-24"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"You should install this patch for your system to be up-to-date."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_cwe_id(119, 255, 264, 287);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:sun:solaris");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2010/09/14");
      script_set_attribute(attribute:"plugin_publication_date", value:"2004/07/12");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2004-2019 Tenable Network Security, Inc.");
      script_family(english:"Solaris Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/Solaris/showrev");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("solaris.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    
    if (solaris_check_patch(release:"5.9_x86", arch:"i386", patch:"115168-24", obsoleted_by:"", package:"SUNWhea", version:"11.9.0,REV=2002.11.04.02.51") < 0) flag++;
    if (solaris_check_patch(release:"5.9_x86", arch:"i386", patch:"115168-24", obsoleted_by:"", package:"SUNWcstl", version:"11.9.0,REV=2002.11.04.02.51") < 0) flag++;
    if (solaris_check_patch(release:"5.9_x86", arch:"i386", patch:"115168-24", obsoleted_by:"", package:"SUNWkrbr", version:"11.9.0,REV=2002.11.04.02.51") < 0) flag++;
    if (solaris_check_patch(release:"5.9_x86", arch:"i386", patch:"115168-24", obsoleted_by:"", package:"SUNWkrbu", version:"11.9.0,REV=2002.11.04.02.51") < 0) flag++;
    if (solaris_check_patch(release:"5.9_x86", arch:"i386", patch:"115168-24", obsoleted_by:"", package:"SUNWgss", version:"11.9.0,REV=2002.11.04.02.51") < 0) flag++;
    if (solaris_check_patch(release:"5.9_x86", arch:"i386", patch:"115168-24", obsoleted_by:"", package:"SUNWgssk", version:"11.9.0,REV=2002.11.04.02.51") < 0) flag++;
    if (solaris_check_patch(release:"5.9_x86", arch:"i386", patch:"115168-24", obsoleted_by:"", package:"SUNWcsr", version:"11.9.0,REV=2002.11.04.02.51") < 0) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:solaris_get_report());
      else security_hole(0);
      exit(0);
    }
    audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familySolaris Local Security Checks
    NASL idSOLARIS10_X86_147441.NASL
    descriptionSunOS 5.10_x86: Solaris kernel patch. Date this patch was last updated by Sun : Nov/30/12
    last seen2018-09-01
    modified2018-07-30
    plugin id56441
    published2011-10-10
    reporterTenable
    sourcehttps://www.tenable.com/plugins/index.php?view=single&id=56441
    titleSolaris 10 (x86) : 147441-27
    code
    
    # @DEPRECATED@
    #
    # This script has been deprecated as the associated patch is not
    # currently a security fix.
    #
    # Disabled on 2013/02/25.
    #
    
    #
    # (C) Tenable Network Security, Inc.
    #
    #
    
    if ( ! defined_func("bn_random") ) exit(0);
    include("compat.inc");
    
    if(description)
    {
     script_id(56441);
     script_version("1.24");
    
     script_name(english: "Solaris 10 (x86) : 147441-27");
    script_cve_id("CVE-2012-1683");
     script_set_attribute(attribute: "synopsis", value:
    "The remote host is missing Sun Security Patch number 147441-27");
     script_set_attribute(attribute: "description", value:
    'SunOS 5.10_x86: Solaris kernel patch.
    Date this patch was last updated by Sun : Nov/30/12');
     script_set_attribute(attribute: "solution", value:
    "You should install this patch for your system to be up-to-date.");
     script_set_attribute(attribute: "see_also", value:
    "https://getupdates.oracle.com/readme/147441-27");
     script_set_attribute(attribute: "cvss_vector", value: "CVSS2#AV:L/AC:H/Au:M/C:C/I:C/A:C");
     script_set_attribute(attribute: "patch_publication_date", value: "2012/11/30");
     script_set_attribute(attribute: "cpe", value: "cpe:/o:sun:solaris");
     script_set_attribute(attribute: "plugin_type", value: "local");
      script_set_attribute(attribute:"plugin_publication_date", value:"2011/10/10");
      script_cvs_date("Date: 2018/07/30 13:40:14");
     script_end_attributes();
    
     script_summary(english: "Check for patch 147441-27");
     script_category(ACT_GATHER_INFO);
     script_copyright(english:"This script is Copyright (C) 2011-2018 Tenable Network Security, Inc.");
     family["english"] = "Solaris Local Security Checks";
     script_family(english:family["english"]);
     
     script_dependencies("ssh_get_info.nasl");
     script_require_keys("Host/Solaris/showrev");
     exit(0);
    }
    
    # Deprecated.
    exit(0, "The associated patch is not currently a security fix.");
    
  • NASL familySolaris Local Security Checks
    NASL idSOLARIS10_147440.NASL
    descriptionSunOS 5.10: Solaris kernel patch. Date this patch was last updated by Sun : Apr/17/12
    last seen2018-09-01
    modified2018-07-30
    plugin id56435
    published2011-10-10
    reporterTenable
    sourcehttps://www.tenable.com/plugins/index.php?view=single&id=56435
    titleSolaris 10 (sparc) : 147440-15