Vulnerabilities > CVE-2013-5834 - Local Security vulnerability in SUN Sunos 5.8
Attack vector
LOCAL Attack complexity
HIGH Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Unspecified vulnerability in Oracle Solaris 8 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to ps.
Nessus
NASL family Solaris Local Security Checks NASL id SOLARIS8_X86_109024.NASL description Vulnerability in the Solaris component of Oracle and Sun Systems Products Suite (subcomponent: last seen 2020-06-01 modified 2020-06-02 plugin id 21171 published 2006-04-03 reporter This script is Copyright (C) 2006-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/21171 title Solaris 8 (x86) : 109024-08 code # # (C) Tenable Network Security, Inc. # # The descriptive text in this plugin was # extracted from the Oracle SunOS Patch Updates. # include("compat.inc"); if (description) { script_id(21171); script_version("1.22"); script_cvs_date("Date: 2018/07/30 15:31:32"); script_cve_id("CVE-1999-1587", "CVE-2013-5834"); script_bugtraq_id(64843); script_name(english:"Solaris 8 (x86) : 109024-08"); script_summary(english:"Check for patch 109024-08"); script_set_attribute( attribute:"synopsis", value:"The remote host is missing Sun Security Patch number 109024-08" ); script_set_attribute( attribute:"description", value: "Vulnerability in the Solaris component of Oracle and Sun Systems Products Suite (subcomponent: 'ps' command line utility). The supported version that is affected is 8. Very difficult to exploit vulnerability requiring logon to Operating System. Successful attack of this vulnerability can result in unauthorized Operating System takeover including arbitrary code execution." ); script_set_attribute( attribute:"see_also", value:"https://getupdates.oracle.com/readme/109024-08" ); script_set_attribute( attribute:"solution", value:"You should install this patch for your system to be up-to-date." ); script_set_cvss_base_vector("CVSS2#AV:L/AC:H/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/o:sun:solaris"); script_set_attribute(attribute:"patch_publication_date", value:"2014/01/06"); script_set_attribute(attribute:"plugin_publication_date", value:"2006/04/03"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2006-2018 Tenable Network Security, Inc."); script_family(english:"Solaris Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Solaris/showrev"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("solaris.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (solaris_check_patch(release:"5.8_x86", arch:"i386", patch:"109024-08", obsoleted_by:"", package:"SUNWscpu", version:"11.8.0,REV=2000.01.08.18.17") < 0) flag++; if (solaris_check_patch(release:"5.8_x86", arch:"i386", patch:"109024-08", obsoleted_by:"", package:"SUNWcsu", version:"11.8.0,REV=2000.01.08.18.17") < 0) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:solaris_get_report()); else security_warning(0); exit(0); } audit(AUDIT_HOST_NOT, "affected");NASL family Solaris Local Security Checks NASL id SOLARIS8_109023.NASL description Vulnerability in the Solaris component of Oracle and Sun Systems Products Suite (subcomponent: last seen 2020-06-01 modified 2020-06-02 plugin id 21170 published 2006-04-03 reporter This script is Copyright (C) 2006-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/21170 title Solaris 8 (sparc) : 109023-08 code # # (C) Tenable Network Security, Inc. # # The descriptive text in this plugin was # extracted from the Oracle SunOS Patch Updates. # include("compat.inc"); if (description) { script_id(21170); script_version("1.27"); script_cvs_date("Date: 2018/07/30 15:31:32"); script_cve_id("CVE-1999-1587", "CVE-2013-5834"); script_bugtraq_id(64843); script_name(english:"Solaris 8 (sparc) : 109023-08"); script_summary(english:"Check for patch 109023-08"); script_set_attribute( attribute:"synopsis", value:"The remote host is missing Sun Security Patch number 109023-08" ); script_set_attribute( attribute:"description", value: "Vulnerability in the Solaris component of Oracle and Sun Systems Products Suite (subcomponent: 'ps' command line utility). The supported version that is affected is 8. Very difficult to exploit vulnerability requiring logon to Operating System. Successful attack of this vulnerability can result in unauthorized Operating System takeover including arbitrary code execution." ); script_set_attribute( attribute:"see_also", value:"https://getupdates.oracle.com/readme/109023-08" ); script_set_attribute( attribute:"solution", value:"You should install this patch for your system to be up-to-date." ); script_set_cvss_base_vector("CVSS2#AV:L/AC:H/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/o:sun:solaris"); script_set_attribute(attribute:"patch_publication_date", value:"2014/01/06"); script_set_attribute(attribute:"plugin_publication_date", value:"2006/04/03"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2006-2018 Tenable Network Security, Inc."); script_family(english:"Solaris Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Solaris/showrev"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("solaris.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (solaris_check_patch(release:"5.8", arch:"sparc", patch:"109023-08", obsoleted_by:"", package:"SUNWscpu", version:"11.8.0,REV=2000.01.08.18.12") < 0) flag++; if (solaris_check_patch(release:"5.8", arch:"sparc", patch:"109023-08", obsoleted_by:"", package:"SUNWcsxu", version:"11.8.0,REV=2000.01.08.18.12") < 0) flag++; if (solaris_check_patch(release:"5.8", arch:"sparc", patch:"109023-08", obsoleted_by:"", package:"SUNWcsu", version:"11.8.0,REV=2000.01.08.18.12") < 0) flag++; if (solaris_check_patch(release:"5.8", arch:"sparc", patch:"109023-08", obsoleted_by:"", package:"SUNWscpux", version:"11.8.0,REV=2000.01.08.18.12") < 0) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:solaris_get_report()); else security_warning(0); exit(0); } audit(AUDIT_HOST_NOT, "affected");