Solaris 10 (sparc) : 148165-02

This script is Copyright (C) 2012-2014 Tenable Network Security, Inc.


Synopsis :

The remote host is missing Sun Security Patch number 148165-02

Description :

Vulnerability in the Solaris component of Oracle Sun Products Suite
(subcomponent: Password Policy). Supported versions that are affected
are 8, 9, 10 and 11. Easily exploitable vulnerability requiring logon
to Operating System plus additional login/authentication to component
or subcomponent. Successful attack of this vulnerability can escalate
attacker privileges resulting in unauthorized update, insert or delete
access to some Solaris accessible data as well as read access to a
subset of Solaris accessible data and ability to cause a partial
denial of service (partial DOS) of Solaris.

See also :

https://getupdates.oracle.com/readme/148165-02

Solution :

You should install this patch for your system to be up-to-date.

Risk factor :

Medium / CVSS Base Score : 4.3
(CVSS2#AV:L/AC:L/Au:S/C:P/I:P/A:P)

Family: Solaris Local Security Checks

Nessus Plugin ID: 57680 ()

Bugtraq ID:

CVE ID: CVE-2012-1684

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now