Solaris 10 (x86) : 126547-10 (deprecated)
low Nessus Plugin ID 62115
Language:
New! Plugin Severity Now Using CVSS v3
The calculated severity for Plugins has been updated to use CVSS v3 by default. Plugins that do not have a CVSS v3 score will fall back to CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.
Synopsis
This plugin has been deprecated.Description
Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Bash). The supported version that is affected is 10. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Solaris executes to compromise Solaris. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Solaris accessible data.This plugin has been deprecated and either replaced with individual 126547 patch-revision plugins, or deemed non-security related.
See Also
Plugin Details
Severity: Low
ID: 62115
File Name: solaris10_x86_126547.nasl
Version: 1.29
Type: local
Family: Solaris Local Security Checks
Published: 9/17/2012
Updated: 1/14/2021
Dependencies: ssh_get_info.nasl
Risk Information
VPR
Risk Factor: Critical
Score: 9.9
CVSS v2
Risk Factor: Critical
Base Score: 10
Temporal Score: 8.7
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Temporal Vector: E:H/RL:OF/RC:C
CVSS v3
Risk Factor: Low
Base Score: 2.8
Temporal Score: 2.7
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N
Temporal Vector: E:H/RL:O/RC:C
Vulnerability Information
CPE: cpe:/o:sun:solaris
Required KB Items: Host/local_checks_enabled, Host/Solaris/showrev
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 8/11/2016
Exploitable With
Core Impact
Metasploit (Apache mod_cgi Bash Environment Variable Code Injection (Shellshock))