| CVSS Meta Temp Score | Current Exploit Price (≈) | CTI Interest Score |
|---|---|---|
| 3.2 | $0-$5k | 0.00 |
Summary
A vulnerability has been found in Sun Solaris up to 8.0 on x86 and classified as problematic. Impacted is an unknown function of the component CDE ToolTalk. Performing a manipulation results in denial of service. There is no exploit available. The affected component should be upgraded.
Details
A vulnerability, which was classified as problematic, was found in Sun Solaris up to 8.0 on x86 (Operating System). This affects an unknown part of the component CDE ToolTalk. The manipulation with an unknown input leads to a denial of service vulnerability. CWE is classifying the issue as CWE-404. The product does not release or incorrectly releases a resource before it is made available for re-use. This is going to have an impact on availability.
The weakness was shared 08/30/2002 with Sun Microsystems. Neither technical details nor an exploit are publicly available.
The vulnerability scanner Nessus provides a plugin with the ID 13444 (Solaris 8 (x86) : 110287-16), which helps to determine the existence of the flaw in a target environment. It is assigned to the family Solaris Local Security Checks and running in the context l.
Upgrading to version 9.0 eliminates this vulnerability. A possible mitigation has been published 7 years after the disclosure of the vulnerability.
The vulnerability is also documented in the databases at Tenable (13444), SecurityFocus (BID 5598†) and Vulnerability Center (SBV-4630†). If you want to get the best quality for vulnerability data then you always have to consider VulDB.
Product
Type
Vendor
Name
Version
License
Support
- end of life (old version)
Website
- Vendor: https://www.oracle.com/sun/
CPE 2.3
CPE 2.2
CVSSv4
VulDB Vector: 🔍VulDB Reliability: 🔍
CVSSv3
VulDB Meta Base Score: 3.3VulDB Meta Temp Score: 3.2
VulDB Base Score: 3.3
VulDB Temp Score: 3.2
VulDB Vector: 🔍
VulDB Reliability: 🔍
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Vector | Complexity | Authentication | Confidentiality | Integrity | Availability |
|---|---|---|---|---|---|
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
VulDB Base Score: 🔍
VulDB Temp Score: 🔍
VulDB Reliability: 🔍
Exploiting
Class: Denial of serviceCWE: CWE-404
CAPEC: 🔍
ATT&CK: 🔍
Physical: Partially
Local: Yes
Remote: No
Availability: 🔍
Status: Not defined
Price Prediction: 🔍
Current Price Estimation: 🔍
| 0-Day | Unlock | Unlock | Unlock | Unlock |
|---|---|---|---|---|
| Today | Unlock | Unlock | Unlock | Unlock |
Nessus ID: 13444
Nessus Name: Solaris 8 (x86) : 110287-16
Nessus File: 🔍
Nessus Risk: 🔍
Nessus Family: 🔍
Nessus Context: 🔍
Threat Intelligence
Interest: 🔍Active Actors: 🔍
Active APT Groups: 🔍
Countermeasures
Recommended: UpgradeStatus: 🔍
Reaction Time: 🔍
0-Day Time: 🔍
Exposure Time: 🔍
Upgrade: Solaris 9.0
Timeline
08/30/2002 🔍08/30/2002 🔍
08/30/2002 🔍
06/27/2004 🔍
07/12/2004 🔍
07/03/2008 🔍
07/17/2016 🔍
09/05/2022 🔍
Sources
Vendor: oracle.comOrganization: Sun Microsystems
Status: Not defined
GCVE (VulDB): GCVE-100-89589
SecurityFocus: 5598 - Sun Solaris CDE ToolTalk Set Default Session Memory Corruption Vulnerability
Vulnerability Center: 4630 - CDE ToolTalk Allows DoS and Code Execution by Causing a Core Dump, High
Entry
Created: 07/17/2016 18:41Updated: 09/05/2022 09:41
Changes: 07/17/2016 18:41 (59), 02/28/2019 17:09 (1), 09/05/2022 09:41 (2)
Complete: 🔍
Cache ID: 216::103
If you want to get the best quality for vulnerability data then you always have to consider VulDB.
No comments yet. Languages: en.
Please log in to comment.