Vulnerabilities > CVE-2014-0397 - Buffer Errors vulnerability in Oracle Solaris 10/11.1
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Multiple unspecified vulnerabilities in libXtsol in Oracle Solaris 10 and 11.1 have unspecified impact and attack vectors related to "Buffer errors."
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| OS | 2 |
Common Weakness Enumeration (CWE)
Common Attack Pattern Enumeration and Classification (CAPEC)
- Buffer Overflow via Environment Variables This attack pattern involves causing a buffer overflow through manipulation of environment variables. Once the attacker finds that they can modify an environment variable, they may try to overflow associated buffers. This attack leverages implicit trust often placed in environment variables.
- Overflow Buffers Buffer Overflow attacks target improper or missing bounds checking on buffer operations, typically triggered by input injected by an attacker. As a consequence, an attacker is able to write past the boundaries of allocated buffer regions in memory, causing a program crash or potentially redirection of execution as per the attackers' choice.
- Client-side Injection-induced Buffer Overflow This type of attack exploits a buffer overflow vulnerability in targeted client software through injection of malicious content from a custom-built hostile service.
- Filter Failure through Buffer Overflow In this attack, the idea is to cause an active filter to fail by causing an oversized transaction. An attacker may try to feed overly long input strings to the program in an attempt to overwhelm the filter (by causing a buffer overflow) and hoping that the filter does not fail securely (i.e. the user input is let into the system unfiltered).
- MIME Conversion An attacker exploits a weakness in the MIME conversion routine to cause a buffer overflow and gain control over the mail server machine. The MIME system is designed to allow various different information formats to be interpreted and sent via e-mail. Attack points exist when data are converted to MIME compatible format and back.
Nessus
NASL family Solaris Local Security Checks NASL id SOLARIS10_126363.NASL description SunOS 5.10: X Window System changes - Solaris Trusted Extensions. Date this patch was last updated by Sun : Jun/14/14 This plugin has been deprecated and either replaced with individual 126363 patch-revision plugins, or deemed non-security related. last seen 2019-02-21 modified 2018-07-30 plugin id 42171 published 2009-10-19 reporter Tenable source https://www.tenable.com/plugins/index.php?view=single&id=42171 title Solaris 10 (sparc) : 126363-10 (deprecated) code # # (C) Tenable Network Security, Inc. # # @DEPRECATED@ # # Disabled on 2018/03/12. Deprecated and either replaced by # individual patch-revision plugins, or has been deemed a # non-security advisory. # include("compat.inc"); if (description) { script_id(42171); script_version("1.22"); script_cvs_date("Date: 2019/09/24 15:02:54"); script_cve_id("CVE-2009-3839", "CVE-2014-0397"); script_bugtraq_id(36840, 65819); script_name(english:"Solaris 10 (sparc) : 126363-10 (deprecated)"); script_summary(english:"Check for patch 126363-10"); script_set_attribute( attribute:"synopsis", value:"This plugin has been deprecated." ); script_set_attribute( attribute:"description", value: "SunOS 5.10: X Window System changes - Solaris Trusted Extensions. Date this patch was last updated by Sun : Jun/14/14 This plugin has been deprecated and either replaced with individual 126363 patch-revision plugins, or deemed non-security related." ); script_set_attribute( attribute:"see_also", value:"https://getupdates.oracle.com/readme/126363-10" ); script_set_attribute( attribute:"solution", value:"n/a" ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/o:sun:solaris"); script_set_attribute(attribute:"patch_publication_date", value:"2014/06/14"); script_set_attribute(attribute:"plugin_publication_date", value:"2009/10/19"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc."); script_family(english:"Solaris Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Solaris/showrev"); exit(0); } exit(0, "This plugin has been deprecated. Consult specific patch-revision plugins for patch 126363 instead.");NASL family Solaris Local Security Checks NASL id SOLARIS10_123611.NASL description X11 6.6.2: Trusted Extensions patch. Date this patch was last updated by Sun : Jun/14/14 This plugin has been deprecated and either replaced with individual 123611 patch-revision plugins, or deemed non-security related. last seen 2019-02-21 modified 2018-07-30 plugin id 76070 published 2014-06-16 reporter Tenable source https://www.tenable.com/plugins/index.php?view=single&id=76070 title Solaris 10 (sparc) : 123611-05 (deprecated) code # # (C) Tenable Network Security, Inc. # # @DEPRECATED@ # # Disabled on 2018/03/12. Deprecated and either replaced by # individual patch-revision plugins, or has been deemed a # non-security advisory. # include("compat.inc"); if (description) { script_id(76070); script_version("1.9"); script_cvs_date("Date: 2018/07/30 15:31:32"); script_cve_id("CVE-2014-0397"); script_bugtraq_id(65819); script_name(english:"Solaris 10 (sparc) : 123611-05 (deprecated)"); script_summary(english:"Check for patch 123611-05"); script_set_attribute( attribute:"synopsis", value:"This plugin has been deprecated." ); script_set_attribute( attribute:"description", value: "X11 6.6.2: Trusted Extensions patch. Date this patch was last updated by Sun : Jun/14/14 This plugin has been deprecated and either replaced with individual 123611 patch-revision plugins, or deemed non-security related." ); script_set_attribute( attribute:"see_also", value:"https://getupdates.oracle.com/readme/123611-05" ); script_set_attribute( attribute:"solution", value:"n/a" ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/o:sun:solaris"); script_set_attribute(attribute:"patch_publication_date", value:"2014/06/14"); script_set_attribute(attribute:"plugin_publication_date", value:"2014/06/16"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc."); script_family(english:"Solaris Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Solaris/showrev"); exit(0); } exit(0, "This plugin has been deprecated. Consult specific patch-revision plugins for patch 123611 instead.");NASL family Solaris Local Security Checks NASL id SOLARIS10_X86_126364.NASL description SunOS 5.10_x86: X Window System changes - Solaris Trusted Extensio. Date this patch was last updated by Sun : Jun/14/14 This plugin has been deprecated and either replaced with individual 126364 patch-revision plugins, or deemed non-security related. last seen 2019-02-21 modified 2018-07-30 plugin id 42172 published 2009-10-19 reporter Tenable source https://www.tenable.com/plugins/index.php?view=single&id=42172 title Solaris 10 (x86) : 126364-10 (deprecated) code # # (C) Tenable Network Security, Inc. # # @DEPRECATED@ # # Disabled on 2018/03/12. Deprecated and either replaced by # individual patch-revision plugins, or has been deemed a # non-security advisory. # include("compat.inc"); if (description) { script_id(42172); script_version("1.14"); script_cvs_date("Date: 2018/07/30 15:31:32"); script_cve_id("CVE-2014-0397"); script_bugtraq_id(65819); script_name(english:"Solaris 10 (x86) : 126364-10 (deprecated)"); script_summary(english:"Check for patch 126364-10"); script_set_attribute( attribute:"synopsis", value:"This plugin has been deprecated." ); script_set_attribute( attribute:"description", value: "SunOS 5.10_x86: X Window System changes - Solaris Trusted Extensio. Date this patch was last updated by Sun : Jun/14/14 This plugin has been deprecated and either replaced with individual 126364 patch-revision plugins, or deemed non-security related." ); script_set_attribute( attribute:"see_also", value:"https://getupdates.oracle.com/readme/126364-10" ); script_set_attribute( attribute:"solution", value:"n/a" ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/o:sun:solaris"); script_set_attribute(attribute:"patch_publication_date", value:"2014/06/14"); script_set_attribute(attribute:"plugin_publication_date", value:"2009/10/19"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2009-2018 Tenable Network Security, Inc."); script_family(english:"Solaris Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Solaris/showrev"); exit(0); } exit(0, "This plugin has been deprecated. Consult specific patch-revision plugins for patch 126364 instead.");NASL family Solaris Local Security Checks NASL id SOLARIS10_X86_123612.NASL description X11 6.6.2_x86: Trusted Extensions patch. Date this patch was last updated by Sun : Jun/14/14 This plugin has been deprecated and either replaced with individual 123612 patch-revision plugins, or deemed non-security related. last seen 2019-02-21 modified 2018-07-30 plugin id 23739 published 2006-11-28 reporter Tenable source https://www.tenable.com/plugins/index.php?view=single&id=23739 title Solaris 10 (x86) : 123612-06 (deprecated) code # # (C) Tenable Network Security, Inc. # # @DEPRECATED@ # # Disabled on 2018/03/12. Deprecated and either replaced by # individual patch-revision plugins, or has been deemed a # non-security advisory. # include("compat.inc"); if (description) { script_id(23739); script_version("1.23"); script_cvs_date("Date: 2018/07/30 15:31:32"); script_cve_id("CVE-2014-0397"); script_bugtraq_id(65819); script_name(english:"Solaris 10 (x86) : 123612-06 (deprecated)"); script_summary(english:"Check for patch 123612-06"); script_set_attribute( attribute:"synopsis", value:"This plugin has been deprecated." ); script_set_attribute( attribute:"description", value: "X11 6.6.2_x86: Trusted Extensions patch. Date this patch was last updated by Sun : Jun/14/14 This plugin has been deprecated and either replaced with individual 123612 patch-revision plugins, or deemed non-security related." ); script_set_attribute( attribute:"see_also", value:"https://getupdates.oracle.com/readme/123612-06" ); script_set_attribute( attribute:"solution", value:"n/a" ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/o:sun:solaris"); script_set_attribute(attribute:"patch_publication_date", value:"2014/06/14"); script_set_attribute(attribute:"plugin_publication_date", value:"2006/11/28"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2006-2018 Tenable Network Security, Inc."); script_family(english:"Solaris Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Solaris/showrev"); exit(0); } exit(0, "This plugin has been deprecated. Consult specific patch-revision plugins for patch 123612 instead.");NASL family Solaris Local Security Checks NASL id SOLARIS10_X86_125720.NASL description X11 6.8.0_x86: Xorg server patch. Date this patch was last updated by Sun : Aug/23/17 This plugin has been deprecated and either replaced with individual 125720 patch-revision plugins, or deemed non-security related. last seen 2019-02-21 modified 2018-07-30 plugin id 25395 published 2007-06-04 reporter Tenable source https://www.tenable.com/plugins/index.php?view=single&id=25395 title Solaris 10 (x86) : 125720-70 (deprecated) NASL family Solaris Local Security Checks NASL id SOLARIS11_LIBXTSOL_20140617.NASL description The remote Solaris system is missing necessary patches to address security updates. last seen 2020-06-01 modified 2020-06-02 plugin id 80696 published 2015-01-19 reporter This script is Copyright (C) 2015-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/80696 title Oracle Solaris Third-Party Patch Update : libxtsol (cve_2014_0397_buffer_errors)
Seebug
| bulletinFamily | exploit |
| description | Bugtraq ID:65819 CVE ID:CVE-2014-0397 Oracle Solaris是一款基于unix的操作系统。 Oracle Solaris libXtsol存在一个未明安全漏洞,目前没有详细漏洞细节提供。 0 Oracle Solaris 11.x Oracle Solaris 11.1.16.5.0已经修复该漏洞,建议用户下载更新: http://www.oracle.com/technetwork/server-storage/solaris11/overview/index.html |
| id | SSV:61605 |
| last seen | 2017-11-19 |
| modified | 2014-02-28 |
| published | 2014-02-28 |
| reporter | Root |
| title | Oracle Solaris libXtsol未明安全漏洞 |