Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-9491

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2014-9491
Last Modified 22 Jan 2015 10:39:36
Published 20 Jan 2015 10:59:06
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2014-9491

Summary

The devzvol_readdir function in illumos does not check the return value of a strchr call, which allows remote attackers to cause a denial of service (NULL pointer dereference and panic) via unspecified vectors.

Vulnerable Systems

Application

  • Illumos


References

CONFIRM - https://www.illumos.org/issues/5421

CONFIRM - https://github.com/illumos/illumos-gate/commit/d65686849024838243515b5c40ae2c479460b4b5

XF - illumos-cve-20149491-dos(99686)

MLIST - [oss-security] 20150103 Re: CVE Request for illumos distributions


Last Updated: 27 May 2016 11:07:36