Vulnerabilities > CVE-2015-0448 - Local Security vulnerability in Oracle Solaris 11.2

CVSS 7.2 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

local

low complexity

oracle

nessus

NVD

Published: 2015-04-16

Updated: 2017-01-03

Summary

Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local users to affect confidentiality, integrity, and availability via vectors related to ZFS File system.

Vulnerable Configurations

Part	Description	Count
OS	Oracle Oracle Solaris 11.2	1

Nessus

NASL family	Solaris Local Security Checks
NASL id	SOLARIS_APR2015_SRU11_2_8_5_0.NASL
description	This Solaris system is missing necessary patches to address critical security updates : - Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: ZFS File system). The supported version that is affected is 11.2. Easily exploitable vulnerability requiring logon to Operating System. Successful attack of this vulnerability can result in unauthorized Operating System takeover including arbitrary code execution. (CVE-2015-0448) - Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel IDMap). The supported version that is affected is 11.2. Difficult to exploit vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized Operating System hang or frequently repeatable crash (complete DOS). (CVE-2015-2578)
last seen	2020-06-01
modified	2020-06-02
plugin id	82817
published	2015-04-16
reporter	This script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/82817
title	Oracle Solaris Critical Patch Update : apr2015_SRU11_2_8_5_0

Summary

Vulnerable Configurations

Nessus

References