Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-5225

Overview

Vulnerability Score 4.9 4.9
CVE Id CVE-2007-5225
Last Modified 11 Oct 2011 12:00:00
Published 04 Oct 2007 08:17:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2007-5225

Summary

Integer signedness error in FIFO filesystems (named pipes) on Sun Solaris 8 through 10 allows local users to read the contents of unspecified memory locations via a negative maximum length value to the I_PEEK ioctl.

Vulnerable Systems

Operating System

  • Sun Solaris 10.0

  • Sun Solaris 8.0

  • Sun Solaris 9.0


References

XF - solaris-namedpipes-information-disclosure(36918)

VUPEN - ADV-2007-3339

SECTRACK - 1018766

BID - 25905

BUGTRAQ - 20071004 Re: iDefense Security Advisory 10.02.07: Sun Microsystems Solaris FIFO FS Information Disclosure Vulnerability

MILW0RM - 5227

MILW0RM - 4516

CONFIRM - http://support.avaya.com/elmodocs2/security/ASA-2007-463.htm

SUNALERT - 103061

SECUNIA - 27654

SECUNIA - 27024

IDEFENSE - 20071002 Sun Microsystems Solaris FIFO FS Information Disclosure Vulnerability


Last Updated: 27 May 2016 10:46:06