Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-0964

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2008-0964
Last Modified 07 Mar 2011 12:00:00
Published 08 Aug 2008 02:41:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-0964

Summary

Multiple stack-based buffer overflows in snoop on Sun Solaris 8 through 10 and OpenSolaris before snv_96, when the -o option is omitted, allow remote attackers to execute arbitrary code via a crafted SMB packet.

Vulnerable Systems

Operating System

  • Sun Opensolaris

  • Sun Opensolaris Build Snv 01

  • Sun Opensolaris Build Snv 02

  • Sun Opensolaris Build Snv 13

  • Sun Opensolaris Build Snv 19

  • Sun Opensolaris Build Snv 22

  • Sun Opensolaris Build Snv 64

  • Sun Opensolaris Build Snv 88

  • Sun Opensolaris Build Snv 89

  • Sun Opensolaris Build Snv 91

  • Sun Opensolaris Build Snv 92

  • Sun Opensolaris Build Snv 95

  • Sun Solaris 10

  • Sun Solaris 8

  • Sun Solaris 9


References

XF - solaris-snoop1m-command-execution(44222)

VUPEN - ADV-2008-2311

SECTRACK - 1020633

BID - 30556

MILW0RM - 6328

CONFIRM - http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=766935

CONFIRM - http://support.avaya.com/elmodocs2/security/ASA-2008-355.htm

SUNALERT - 240101

SECUNIA - 31535

SECUNIA - 31386

IDEFENSE - 20080804 Solaris snoop SMB Decoding Multiple Stack Buffer Overflow Vulnerabilities

XF - sun-solaris-snoop1m-command-execution(44222)


Last Updated: 27 May 2016 10:47:26