Vulnerabilities > CVE-2013-0411 - Local Security vulnerability in SUN Sunos 5.10/5.8/5.9

047910
CVSS 5.9 - MEDIUM
Attack vector
LOCAL
Attack complexity
HIGH
Privileges required
MULTIPLE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
local
high complexity
sun
nessus

Summary

Unspecified vulnerability in Oracle Sun Solaris 8, 9, and 10 allows local users to affect confidentiality, integrity, and availability via vectors related to RBAC Configuration.

Vulnerable Configurations

Part Description Count
OS
Sun
3

Nessus

  • NASL familySolaris Local Security Checks
    NASL idSOLARIS10_148027.NASL
    descriptionVulnerability in the Solaris component of Oracle and Sun Systems Products Suite (subcomponent: RBAC Configuration). Supported versions that are affected are 8, 9 and 10. Very difficult to exploit vulnerability requiring logon to Operating System plus additional, multiple logins to components. Successful attack of this vulnerability can escalate attacker privileges resulting in unauthorized Operating System takeover including arbitrary code execution. Vulnerability in the Solaris component of Oracle and Sun Systems Products Suite (subcomponent: Utility/pax). Supported versions that are affected are 8, 9, 10 and 11. Difficult to exploit vulnerability requiring logon to Operating System. Successful attack of this vulnerability can result in unauthorized update, insert or delete access to some Solaris accessible data and ability to cause a partial denial of service (partial DOS) of Solaris. This plugin has been deprecated and either replaced with individual 148027 patch-revision plugins, or deemed non-security related.
    last seen2019-02-21
    modified2018-07-30
    plugin id64656
    published2013-02-18
    reporterTenable
    sourcehttps://www.tenable.com/plugins/index.php?view=single&id=64656
    titleSolaris 10 (sparc) : 148027-03 (deprecated)
    code
    
    #
    # (C) Tenable Network Security, Inc.
    #
    # @DEPRECATED@
    #
    # Disabled on 2018/03/12. Deprecated and either replaced by
    # individual patch-revision plugins, or has been deemed a
    # non-security advisory.
    #
    include("compat.inc");
    
    if (description)
    {
      script_id(64656);
      script_version("1.12");
      script_cvs_date("Date: 2018/07/30 13:40:14");
    
      script_cve_id("CVE-2013-0411", "CVE-2013-0412");
    
      script_name(english:"Solaris 10 (sparc) : 148027-03 (deprecated)");
      script_summary(english:"Check for patch 148027-03");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"This plugin has been deprecated."
      );
      script_set_attribute(
        attribute:"description",
        value:
    "Vulnerability in the Solaris component of Oracle and Sun Systems
    Products Suite (subcomponent: RBAC Configuration). Supported versions
    that are affected are 8, 9 and 10. Very difficult to exploit
    vulnerability requiring logon to Operating System plus additional,
    multiple logins to components. Successful attack of this vulnerability
    can escalate attacker privileges resulting in unauthorized Operating
    System takeover including arbitrary code execution.
    
    Vulnerability in the Solaris component of Oracle and Sun Systems
    Products Suite (subcomponent: Utility/pax). Supported versions that
    are affected are 8, 9, 10 and 11. Difficult to exploit vulnerability
    requiring logon to Operating System. Successful attack of this
    vulnerability can result in unauthorized update, insert or delete
    access to some Solaris accessible data and ability to cause a partial
    denial of service (partial DOS) of Solaris.
    
    This plugin has been deprecated and either replaced with individual
    148027 patch-revision plugins, or deemed non-security related."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://getupdates.oracle.com/readme/148027-03"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"n/a"
      );
      script_set_cvss_base_vector("CVSS2#AV:L/AC:H/Au:M/C:C/I:C/A:C");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:sun:solaris");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2013/02/06");
      script_set_attribute(attribute:"plugin_publication_date", value:"2013/02/18");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.");
      script_family(english:"Solaris Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/Solaris/showrev");
    
      exit(0);
    }
    
    exit(0, "This plugin has been deprecated. Consult specific patch-revision plugins for patch 148027 instead.");
    
  • NASL familySolaris Local Security Checks
    NASL idSOLARIS9_115336.NASL
    descriptionVulnerability in the Solaris component of Oracle and Sun Systems Products Suite (subcomponent: RBAC Configuration). Supported versions that are affected are 8, 9 and 10. Very difficult to exploit vulnerability requiring logon to Operating System plus additional, multiple logins to components. Successful attack of this vulnerability can escalate attacker privileges resulting in unauthorized Operating System takeover including arbitrary code execution.
    last seen2020-06-01
    modified2020-06-02
    plugin id56688
    published2011-11-02
    reporterThis script is Copyright (C) 2011-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/56688
    titleSolaris 9 (sparc) : 115336-06
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text in this plugin was
    # extracted from the Oracle SunOS Patch Updates.
    #
    include("compat.inc");
    
    if (description)
    {
      script_id(56688);
      script_version("1.11");
      script_cvs_date("Date: 2019/10/25 13:36:27");
    
      script_cve_id("CVE-2013-0411");
    
      script_name(english:"Solaris 9 (sparc) : 115336-06");
      script_summary(english:"Check for patch 115336-06");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote host is missing Sun Security Patch number 115336-06"
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Vulnerability in the Solaris component of Oracle and Sun Systems
    Products Suite (subcomponent: RBAC Configuration). Supported versions
    that are affected are 8, 9 and 10. Very difficult to exploit
    vulnerability requiring logon to Operating System plus additional,
    multiple logins to components. Successful attack of this vulnerability
    can escalate attacker privileges resulting in unauthorized Operating
    System takeover including arbitrary code execution."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://getupdates.oracle.com/readme/115336-06"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"You should install this patch for your system to be up-to-date."
      );
      script_set_cvss_base_vector("CVSS2#AV:L/AC:H/Au:M/C:C/I:C/A:C");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:sun:solaris");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2011/10/28");
      script_set_attribute(attribute:"plugin_publication_date", value:"2011/11/02");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2011-2019 Tenable Network Security, Inc.");
      script_family(english:"Solaris Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/Solaris/showrev");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("solaris.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    
    if (solaris_check_patch(release:"5.9", arch:"sparc", patch:"115336-06", obsoleted_by:"", package:"SUNWsutl", version:"11.9.0,REV=2002.04.06.15.27") < 0) flag++;
    if (solaris_check_patch(release:"5.9", arch:"sparc", patch:"115336-06", obsoleted_by:"", package:"SUNWcsu", version:"11.9.0,REV=2002.04.06.15.27") < 0) flag++;
    if (solaris_check_patch(release:"5.9", arch:"sparc", patch:"115336-06", obsoleted_by:"", package:"SUNWcsr", version:"11.9.0,REV=2002.04.06.15.27") < 0) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:solaris_get_report());
      else security_warning(0);
      exit(0);
    }
    audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familySolaris Local Security Checks
    NASL idSOLARIS10_X86_148028.NASL
    descriptionVulnerability in the Solaris component of Oracle and Sun Systems Products Suite (subcomponent: RBAC Configuration). Supported versions that are affected are 8, 9 and 10. Very difficult to exploit vulnerability requiring logon to Operating System plus additional, multiple logins to components. Successful attack of this vulnerability can escalate attacker privileges resulting in unauthorized Operating System takeover including arbitrary code execution. Vulnerability in the Solaris component of Oracle and Sun Systems Products Suite (subcomponent: Utility/pax). Supported versions that are affected are 8, 9, 10 and 11. Difficult to exploit vulnerability requiring logon to Operating System. Successful attack of this vulnerability can result in unauthorized update, insert or delete access to some Solaris accessible data and ability to cause a partial denial of service (partial DOS) of Solaris. This plugin has been deprecated and either replaced with individual 148028 patch-revision plugins, or deemed non-security related.
    last seen2019-02-21
    modified2018-07-30
    plugin id64660
    published2013-02-18
    reporterTenable
    sourcehttps://www.tenable.com/plugins/index.php?view=single&id=64660
    titleSolaris 10 (x86) : 148028-03 (deprecated)
    code
    
    #
    # (C) Tenable Network Security, Inc.
    #
    # @DEPRECATED@
    #
    # Disabled on 2018/03/12. Deprecated and either replaced by
    # individual patch-revision plugins, or has been deemed a
    # non-security advisory.
    #
    include("compat.inc");
    
    if (description)
    {
      script_id(64660);
      script_version("1.12");
      script_cvs_date("Date: 2018/07/30 13:40:14");
    
      script_cve_id("CVE-2013-0411", "CVE-2013-0412");
    
      script_name(english:"Solaris 10 (x86) : 148028-03 (deprecated)");
      script_summary(english:"Check for patch 148028-03");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"This plugin has been deprecated."
      );
      script_set_attribute(
        attribute:"description",
        value:
    "Vulnerability in the Solaris component of Oracle and Sun Systems
    Products Suite (subcomponent: RBAC Configuration). Supported versions
    that are affected are 8, 9 and 10. Very difficult to exploit
    vulnerability requiring logon to Operating System plus additional,
    multiple logins to components. Successful attack of this vulnerability
    can escalate attacker privileges resulting in unauthorized Operating
    System takeover including arbitrary code execution.
    
    Vulnerability in the Solaris component of Oracle and Sun Systems
    Products Suite (subcomponent: Utility/pax). Supported versions that
    are affected are 8, 9, 10 and 11. Difficult to exploit vulnerability
    requiring logon to Operating System. Successful attack of this
    vulnerability can result in unauthorized update, insert or delete
    access to some Solaris accessible data and ability to cause a partial
    denial of service (partial DOS) of Solaris.
    
    This plugin has been deprecated and either replaced with individual
    148028 patch-revision plugins, or deemed non-security related."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://getupdates.oracle.com/readme/148028-03"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"n/a"
      );
      script_set_cvss_base_vector("CVSS2#AV:L/AC:H/Au:M/C:C/I:C/A:C");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:sun:solaris");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2013/02/06");
      script_set_attribute(attribute:"plugin_publication_date", value:"2013/02/18");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.");
      script_family(english:"Solaris Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/Solaris/showrev");
    
      exit(0);
    }
    
    exit(0, "This plugin has been deprecated. Consult specific patch-revision plugins for patch 148028 instead.");
    
  • NASL familySolaris Local Security Checks
    NASL idSOLARIS9_X86_115337.NASL
    descriptionVulnerability in the Solaris component of Oracle and Sun Systems Products Suite (subcomponent: RBAC Configuration). Supported versions that are affected are 8, 9 and 10. Very difficult to exploit vulnerability requiring logon to Operating System plus additional, multiple logins to components. Successful attack of this vulnerability can escalate attacker privileges resulting in unauthorized Operating System takeover including arbitrary code execution.
    last seen2020-06-01
    modified2020-06-02
    plugin id56679
    published2011-10-31
    reporterThis script is Copyright (C) 2011-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/56679
    titleSolaris 9 (x86) : 115337-05
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text in this plugin was
    # extracted from the Oracle SunOS Patch Updates.
    #
    include("compat.inc");
    
    if (description)
    {
      script_id(56679);
      script_version("1.11");
      script_cvs_date("Date: 2019/10/25 13:36:27");
    
      script_cve_id("CVE-2013-0411");
    
      script_name(english:"Solaris 9 (x86) : 115337-05");
      script_summary(english:"Check for patch 115337-05");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote host is missing Sun Security Patch number 115337-05"
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Vulnerability in the Solaris component of Oracle and Sun Systems
    Products Suite (subcomponent: RBAC Configuration). Supported versions
    that are affected are 8, 9 and 10. Very difficult to exploit
    vulnerability requiring logon to Operating System plus additional,
    multiple logins to components. Successful attack of this vulnerability
    can escalate attacker privileges resulting in unauthorized Operating
    System takeover including arbitrary code execution."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://getupdates.oracle.com/readme/115337-05"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"You should install this patch for your system to be up-to-date."
      );
      script_set_cvss_base_vector("CVSS2#AV:L/AC:H/Au:M/C:C/I:C/A:C");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:sun:solaris");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2011/10/28");
      script_set_attribute(attribute:"plugin_publication_date", value:"2011/10/31");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2011-2019 Tenable Network Security, Inc.");
      script_family(english:"Solaris Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/Solaris/showrev");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("solaris.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    
    if (solaris_check_patch(release:"5.9_x86", arch:"i386", patch:"115337-05", obsoleted_by:"", package:"SUNWsutl", version:"11.9.0,REV=2002.11.04.02.51") < 0) flag++;
    if (solaris_check_patch(release:"5.9_x86", arch:"i386", patch:"115337-05", obsoleted_by:"", package:"SUNWcsu", version:"11.9.0,REV=2002.11.04.02.51") < 0) flag++;
    if (solaris_check_patch(release:"5.9_x86", arch:"i386", patch:"115337-05", obsoleted_by:"", package:"SUNWcsr", version:"11.9.0,REV=2002.11.04.02.51") < 0) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:solaris_get_report());
      else security_warning(0);
      exit(0);
    }
    audit(AUDIT_HOST_NOT, "affected");
    

Oval

accepted2013-12-30T04:00:15.216-05:00
classvulnerability
contributors
nameMerryl DMello
organizationHewlett-Packard
definition_extensions
  • commentSolaris 10 (SPARC) is installed
    ovaloval:org.mitre.oval:def:1440
  • commentSolaris 10 (x86) is installed
    ovaloval:org.mitre.oval:def:1926
descriptionUnspecified vulnerability in Oracle Sun Solaris 8, 9, and 10 allows local users to affect confidentiality, integrity, and availability via vectors related to RBAC Configuration.
familyunix
idoval:org.mitre.oval:def:18529
statusaccepted
submitted2013-11-20T11:43:28.000-05:00
titleCRITICAL PATCH UPDATE APRIL 2013
version39