Vulnerabilities > CVE-2013-0407 - Local vulnerability in Oracle Solaris
Attack vector
LOCAL Attack complexity
LOW Privileges required
SINGLE Confidentiality impact
NONE Integrity impact
NONE Availability impact
COMPLETE Summary
Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect availability via unknown vectors related to Kernel/DTrace Framework.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 | |
OS | 2 |
Nessus
NASL family | Solaris Local Security Checks |
NASL id | SOLARIS_JAN2013_SRU12_4.NASL |
description | This Solaris system is missing necessary patches to address a critical security update : - Vulnerability in the Solaris component of Oracle Sun Products Suite (subcomponent: Kernel/DTrace Framework). Supported versions that are affected are 10 and 11. Easily exploitable vulnerability requiring logon to Operating System plus additional login/authentication to component or subcomponent. Successful attack of this vulnerability can escalate attacker privileges resulting in unauthorized Operating System hang or frequently repeatable crash (complete DOS). (CVE-2013-0407) |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 76809 |
published | 2014-07-26 |
reporter | This script is Copyright (C) 2014-2018 and is owned by Tenable, Inc. or an Affiliate thereof. |
source | https://www.tenable.com/plugins/nessus/76809 |
title | Oracle Solaris Critical Patch Update : jan2013_SRU12_4 |
code |
|
Oval
accepted | 2013-12-30T04:00:27.432-05:00 | ||||||||
class | vulnerability | ||||||||
contributors |
| ||||||||
definition_extensions |
| ||||||||
description | Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect availability via unknown vectors related to Kernel/DTrace Framework. | ||||||||
family | unix | ||||||||
id | oval:org.mitre.oval:def:19400 | ||||||||
status | accepted | ||||||||
submitted | 2013-11-20T11:43:28.000-05:00 | ||||||||
title | CRITICAL PATCH UPDATE JANUARY 2013 | ||||||||
version | 37 |
References
- http://www.mandriva.com/security/advisories?name=MDVSA-2013:150
- http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html
- http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdf
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19400