Vulnerabilities > CVE-2013-5883 - Local Security vulnerability in SUN Sunos 5.8

047910
CVSS 3.2 - LOW
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
SINGLE
Confidentiality impact
NONE
Integrity impact
PARTIAL
Availability impact
PARTIAL
local
low complexity
sun
nessus

Summary

Unspecified vulnerability in Oracle Solaris 8 allows local users to affect integrity and availability via unknown vectors related to Kernel. Per: http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html "Applies only when Solaris is running on SPARC platform."

Vulnerable Configurations

Part Description Count
OS
Sun
1

Nessus

NASL familySolaris Local Security Checks
NASL idSOLARIS8_110794.NASL
descriptionVulnerability in the Solaris component of Oracle and Sun Systems Products Suite (subcomponent: Kernel). The supported version that is affected is 8. Easily exploitable vulnerability requiring logon to Operating System plus additional login/authentication to component or subcomponent. Successful attack of this vulnerability can escalate attacker privileges resulting in unauthorized update, insert or delete access to some Solaris accessible data and ability to cause a partial denial of service (partial DOS) of Solaris. Note: Applies only when Solaris is running on SPARC platform.
last seen2020-06-01
modified2020-06-02
plugin id72142
published2014-01-27
reporterThis script is Copyright (C) 2014-2018 Tenable Network Security, Inc.
sourcehttps://www.tenable.com/plugins/nessus/72142
titleSolaris 8 (sparc) : 110794-06
code
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text in this plugin was
# extracted from the Oracle SunOS Patch Updates.
#
include("compat.inc");

if (description)
{
  script_id(72142);
  script_version("1.6");
  script_cvs_date("Date: 2018/07/30 15:31:32");

  script_cve_id("CVE-2013-5883");
  script_bugtraq_id(64862);

  script_name(english:"Solaris 8 (sparc) : 110794-06");
  script_summary(english:"Check for patch 110794-06");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote host is missing Sun Security Patch number 110794-06"
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Vulnerability in the Solaris component of Oracle and Sun Systems
Products Suite (subcomponent: Kernel). The supported version that is
affected is 8. Easily exploitable vulnerability requiring logon to
Operating System plus additional login/authentication to component or
subcomponent. Successful attack of this vulnerability can escalate
attacker privileges resulting in unauthorized update, insert or delete
access to some Solaris accessible data and ability to cause a partial
denial of service (partial DOS) of Solaris. Note: Applies only when
Solaris is running on SPARC platform."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://getupdates.oracle.com/readme/110794-06"
  );
  script_set_attribute(
    attribute:"solution", 
    value:"You should install this patch for your system to be up-to-date."
  );
  script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:S/C:N/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:sun:solaris");

  script_set_attribute(attribute:"patch_publication_date", value:"2014/01/06");
  script_set_attribute(attribute:"plugin_publication_date", value:"2014/01/27");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.");
  script_family(english:"Solaris Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/Solaris/showrev");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("solaris.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);

if (solaris_check_patch(release:"5.8", arch:"sparc", patch:"110794-06", obsoleted_by:"", package:"SUNWdrr", version:"11.8.0,REV=2000.01.08.18.12") < 0) flag++;

if (flag)
{
  if (report_verbosity > 0) security_note(port:0, extra:solaris_get_report());
  else security_note(0);
  exit(0);
}
audit(AUDIT_HOST_NOT, "affected");