Vulnerabilities > CVE-2015-4750 - Remote Security vulnerability in Oracle and SUN Systems Product Suite 3.2
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
PARTIAL Summary
Unspecified vulnerability in the Oracle VM Server for SPARC component in Oracle Sun Systems Products Suite 3.2 allows remote attackers to affect availability via vectors related to LDOM Manager.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Nessus
NASL family Solaris Local Security Checks NASL id SOLARIS11_LDOMS_20150714.NASL description The remote Solaris system is missing necessary patches to address an unspecified flaw that exists in the LDOM Manager subcomponent of Oracle VM Server for SPARC. A remote, unauthenticated attacker can exploit this, via multiple protocols, to cause a denial of service condition. last seen 2020-06-01 modified 2020-06-02 plugin id 84807 published 2015-07-16 reporter This script is Copyright (C) 2015-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/84807 title Oracle Solaris Critical Patch Update : ldoms (SRU11_2_11_5_0) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from the Oracle CPU for jul2015. # include("compat.inc"); if (description) { script_id(84807); script_version("1.7"); script_cvs_date("Date: 2018/11/15 20:50:25"); script_cve_id("CVE-2015-4750"); script_bugtraq_id(75862); script_name(english:"Oracle Solaris Critical Patch Update : ldoms (SRU11_2_11_5_0)"); script_summary(english:"Check for the jul2015 CPU and ldoms."); script_set_attribute(attribute:"synopsis", value: "The remote Solaris system is missing a security patch from the July 2015 Oracle Critical Patch Update advisory."); script_set_attribute(attribute:"description", value: "The remote Solaris system is missing necessary patches to address an unspecified flaw that exists in the LDOM Manager subcomponent of Oracle VM Server for SPARC. A remote, unauthenticated attacker can exploit this, via multiple protocols, to cause a denial of service condition."); # https://www.oracle.com/ocom/groups/public/@otn/documents/webcontent/2368792.xml script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?178c8ed1"); # http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?d18c2a85"); script_set_attribute(attribute:"see_also", value:"https://support.oracle.com/rs?type=doc&id=20018633.1"); script_set_attribute(attribute:"see_also", value:"https://support.oracle.com/rs?type=doc&id=2018633.1"); script_set_attribute(attribute:"solution", value: "Apply the appropriate patch according to the July 2015 Oracle Critical Patch Update advisory."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:solaris"); script_set_attribute(attribute:"vuln_publication_date", value:"2015/07/14"); script_set_attribute(attribute:"patch_publication_date", value:"2015/07/14"); script_set_attribute(attribute:"plugin_publication_date", value:"2015/07/16"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2015-2018 Tenable Network Security, Inc."); script_family(english:"Solaris Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Solaris11/release", "Host/Solaris11/pkg-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("misc_func.inc"); include("solaris.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/Solaris11/release"); if (isnull(release)) audit(AUDIT_OS_NOT, "Solaris11"); pkg_list = solaris_pkg_list_leaves(); if (isnull (pkg_list)) audit(AUDIT_PACKAGE_LIST_MISSING, "Solaris pkg-list packages"); if (empty_or_null(egrep(string:pkg_list, pattern:"^ldoms$"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, "ldoms"); fix_release = "0.5.11-0.175.2.11.0.5.0"; flag = 0; if (solaris_check_release(release:fix_release, sru:"11.2.11.5.0") > 0) flag++; if (flag) { error_extra = 'Affected package : ldoms\n' + solaris_get_report2(); error_extra = ereg_replace(pattern:"version", replace:"OS version", string:error_extra); if (report_verbosity > 0) security_warning(port:0, extra:error_extra); else security_warning(0); exit(0); } else audit(AUDIT_PACKAGE_NOT_AFFECTED, "ldoms");
NASL family Solaris Local Security Checks NASL id SOLARIS10_151934.NASL description VM Server for SPARC 3.2 ldmd patch. Date this patch was last updated by Sun : Dec/02/17 This plugin has been deprecated and either replaced with individual 151934 patch-revision plugins, or deemed non-security related. last seen 2019-02-21 modified 2018-07-30 plugin id 84205 published 2015-06-16 reporter Tenable source https://www.tenable.com/plugins/index.php?view=single&id=84205 title Solaris 10 (sparc) : 151934-04 (deprecated) code # # (C) Tenable Network Security, Inc. # # @DEPRECATED@ # # Disabled on 2018/03/12. Deprecated and either replaced by # individual patch-revision plugins, or has been deemed a # non-security advisory. # include("compat.inc"); if (description) { script_id(84205); script_version("2.13"); script_cvs_date("Date: 2018/07/30 13:40:15"); script_cve_id("CVE-2015-4750"); script_name(english:"Solaris 10 (sparc) : 151934-04 (deprecated)"); script_summary(english:"Check for patch 151934-04"); script_set_attribute( attribute:"synopsis", value:"This plugin has been deprecated." ); script_set_attribute( attribute:"description", value: "VM Server for SPARC 3.2 ldmd patch. Date this patch was last updated by Sun : Dec/02/17 This plugin has been deprecated and either replaced with individual 151934 patch-revision plugins, or deemed non-security related." ); script_set_attribute( attribute:"see_also", value:"https://getupdates.oracle.com/readme/151934-04" ); script_set_attribute( attribute:"solution", value:"n/a" ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/o:sun:solaris"); script_set_attribute(attribute:"patch_publication_date", value:"2017/12/02"); script_set_attribute(attribute:"plugin_publication_date", value:"2015/06/16"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2015-2018 Tenable Network Security, Inc."); script_family(english:"Solaris Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Solaris/showrev"); exit(0); } exit(0, "This plugin has been deprecated. Consult specific patch-revision plugins for patch 151934 instead.");