Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-6505

Overview

Vulnerability Score 3.5 3.5
CVE Id CVE-2007-6505
Last Modified 15 Nov 2008 02:04:52
Published 20 Dec 2007 06:46:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication SINGLE_INSTANCE

CVE-2007-6505

Summary

Solaris 9, with Solaris Auditing enabled and certain patches for sshd installed, can generate audit records with an audit-ID of 0 even when the user logging into ssh is not root, which makes it easier for attackers to avoid detection and can make it more difficult to conduct forensics activities.

Vulnerable Systems

Operating System

  • Sun Solaris 9


References

SUNALERT - 103172

OSVDB - 44332

XF - solaris-sshaudit-weak-security(39185)

SUNALERT - 201310


Last Updated: 27 May 2016 10:46:31