Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-3875

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2008-3875
Last Modified 07 Mar 2011 10:11:33
Published 02 Sep 2008 10:24:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2008-3875

Summary

The kernel in Sun Solaris 8 through 10 and OpenSolaris before snv_90 allows local users to bypass chroot, zones, and the Solaris Trusted Extensions multi-level security policy, and establish a covert communication channel, via unspecified vectors involving system calls.

Vulnerable Systems

Operating System

  • Sun Opensolaris Build Snv 01

  • Sun Opensolaris Build Snv 02

  • Sun Opensolaris Build Snv 13

  • Sun Opensolaris Build Snv 19

  • Sun Opensolaris Build Snv 22

  • Sun Opensolaris Build Snv 39

  • Sun Opensolaris Build Snv 47

  • Sun Opensolaris Build Snv 59

  • Sun Opensolaris Build Snv 64

  • Sun Opensolaris Build Snv 79b

  • Sun Opensolaris Build Snv 87

  • Sun Opensolaris Build Snv 88

  • Sun Opensolaris Build Snv 89

  • Sun Solaris 10

  • Sun Solaris 8

  • Sun Solaris 9


References

BID - 30880

XF - solaris-kernel-security-bypass(44753)

VUPEN - ADV-2008-2460

SECTRACK - 1020780

SUNALERT - 240706

SECUNIA - 31667


Last Updated: 27 May 2016 10:48:20