CVE-2009-1673

medium
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

The kernel in Sun Solaris 9 allows local users to cause a denial of service (panic) by calling fstat with a first argument of AT_FDCWD.

References

http://osvdb.org/54464

http://secunia.com/advisories/35103

http://secunia.com/advisories/35119

http://sunsolve.sun.com/search/document.do?assetkey=1-21-122300-40-1

http://sunsolve.sun.com/search/document.do?assetkey=1-66-257988-1

http://support.avaya.com/elmodocs2/security/ASA-2009-188.htm

http://www.securityfocus.com/bid/34979

http://www.securitytracker.com/id?1022232

http://www.vupen.com/english/advisories/2009/1315

http://www.vupen.com/english/advisories/2009/1388

https://exchange.xforce.ibmcloud.com/vulnerabilities/50557

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6256

Details

Source: MITRE

Published: 2009-05-18

Updated: 2017-09-29

Risk Information

CVSS v2

Base Score: 4.9

Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C

Impact Score: 6.9

Exploitability Score: 3.9

Severity: MEDIUM

Tenable Plugins

View all (2 total)

IDNameProductFamilySeverity
24861Solaris 9 (x86) : 122301-61NessusSolaris Local Security Checks
high
24858Solaris 9 (sparc) : 122300-61NessusSolaris Local Security Checks
high