Solaris 10 (sparc) : 148407-01

This script is Copyright (C) 2012-2015 Tenable Network Security, Inc.


Synopsis :

The remote host is missing Sun Security Patch number 148407-01

Description :

Vulnerability in the Solaris component of Oracle Sun Products Suite
(subcomponent: Utility/Umount). Supported versions that are affected
are 9 and 10. Difficult to exploit vulnerability requiring logon to
Operating System plus additional login/authentication to component or
subcomponent. Successful attack of this vulnerability can escalate
attacker privileges resulting in unauthorized Operating System
takeover including arbitrary code execution.

Vulnerability in the Solaris component of Oracle Sun Products Suite
(subcomponent: Filesystem/cachefs). Supported versions that are
affected are 9 and 10. Difficult to exploit vulnerability requiring
logon to Operating System plus additional login/authentication to
component or subcomponent. Successful attack of this vulnerability can
escalate attacker privileges resulting in unauthorized Operating
System takeover including arbitrary code execution.

See also :

https://getupdates.oracle.com/readme/148407-01

Solution :

You should install this patch for your system to be up-to-date.

Risk factor :

Medium / CVSS Base Score : 6.6
(CVSS2#AV:L/AC:M/Au:S/C:C/I:C/A:C)

Family: Solaris Local Security Checks

Nessus Plugin ID: 59287 ()

Bugtraq ID:

CVE ID: CVE-2013-0399
CVE-2013-0400

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now