Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-5689

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2008-5689
Last Modified 07 Mar 2011 10:14:58
Published 19 Dec 2008 12:30:03
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2008-5689

Summary

tun in IP Tunnel in Solaris 10 and OpenSolaris snv_01 through snv_76 allows local users to cause a denial of service (panic) and possibly execute arbitrary code via a crafted SIOCGTUNPARAM IOCTL request, which triggers a NULL pointer dereference.

Vulnerable Systems

Operating System

  • Sun Opensolaris Snv 01

  • Sun Opensolaris Snv 02

  • Sun Opensolaris Snv 03

  • Sun Opensolaris Snv 04

  • Sun Opensolaris Snv 05

  • Sun Opensolaris Snv 06

  • Sun Opensolaris Snv 07

  • Sun Opensolaris Snv 08

  • Sun Opensolaris Snv 09

  • Sun Opensolaris Snv 10

  • Sun Opensolaris Snv 100

  • Sun Opensolaris Snv 101

  • Sun Opensolaris Snv 102

  • Sun Opensolaris Snv 11

  • Sun Opensolaris Snv 12

  • Sun Opensolaris Snv 13

  • Sun Opensolaris Snv 14

  • Sun Opensolaris Snv 15

  • Sun Opensolaris Snv 16

  • Sun Opensolaris Snv 17

  • Sun Opensolaris Snv 18

  • Sun Opensolaris Snv 19

  • Sun Opensolaris Snv 20

  • Sun Opensolaris Snv 21

  • Sun Opensolaris Snv 22

  • Sun Opensolaris Snv 23

  • Sun Opensolaris Snv 24

  • Sun Opensolaris Snv 25

  • Sun Opensolaris Snv 26

  • Sun Opensolaris Snv 27

  • Sun Opensolaris Snv 28

  • Sun Opensolaris Snv 29

  • Sun Opensolaris Snv 30

  • Sun Opensolaris Snv 31

  • Sun Opensolaris Snv 32

  • Sun Opensolaris Snv 33

  • Sun Opensolaris Snv 34

  • Sun Opensolaris Snv 35

  • Sun Opensolaris Snv 36

  • Sun Opensolaris Snv 37

  • Sun Opensolaris Snv 38

  • Sun Opensolaris Snv 39

  • Sun Opensolaris Snv 40

  • Sun Opensolaris Snv 41

  • Sun Opensolaris Snv 42

  • Sun Opensolaris Snv 43

  • Sun Opensolaris Snv 44

  • Sun Opensolaris Snv 45

  • Sun Opensolaris Snv 46

  • Sun Opensolaris Snv 47

  • Sun Opensolaris Snv 48

  • Sun Opensolaris Snv 49

  • Sun Opensolaris Snv 50

  • Sun Opensolaris Snv 51

  • Sun Opensolaris Snv 52

  • Sun Opensolaris Snv 53

  • Sun Opensolaris Snv 54

  • Sun Opensolaris Snv 55

  • Sun Opensolaris Snv 56

  • Sun Opensolaris Snv 57

  • Sun Opensolaris Snv 58

  • Sun Opensolaris Snv 59

  • Sun Opensolaris Snv 60

  • Sun Opensolaris Snv 61

  • Sun Opensolaris Snv 62

  • Sun Opensolaris Snv 63

  • Sun Opensolaris Snv 64

  • Sun Opensolaris Snv 65

  • Sun Opensolaris Snv 66

  • Sun Opensolaris Snv 67

  • Sun Opensolaris Snv 68

  • Sun Opensolaris Snv 69

  • Sun Opensolaris Snv 70

  • Sun Opensolaris Snv 71

  • Sun Opensolaris Snv 72

  • Sun Opensolaris Snv 73

  • Sun Opensolaris Snv 74

  • Sun Opensolaris Snv 75

  • Sun Opensolaris Snv 76

  • Sun Solaris 10.0


References

SUNALERT - 242266

XF - solaris-iptunnel-code-exeuction(47449)

VUPEN - ADV-2008-3454

MISC - http://www.trapkit.de/advisories/TKADV2008-015.txt

SECTRACK - 1021464

BID - 32904

BUGTRAQ - 20081218 [TKADV2008-015] Sun Solaris SIOCGTUNPARAM IOCTL Kernel NULL pointer dereference

EXPLOIT-DB - 15962

SREASON - 4801

SECUNIA - 33160


Last Updated: 27 May 2016 10:48:53