CVE-2009-0875

Sažetak

Race condition in the Doors subsystem in the kernel in Sun Solaris 8 through 10, and OpenSolaris before snv_94, allows local users to cause a denial of service (process hang), or possibly bypass file permissions or gain kernel-context privileges, via vectors involving the time at which control is transferred from a caller to a door server.

Reference

http://osvdb.org/52561
http://secunia.com/advisories/34227
http://secunia.com/advisories/34375
http://sunsolve.sun.com/search/document.do?assetkey=1-21-117350-61-1
http://sunsolve.sun.com/search/document.do?assetkey=1-66-242486-1
http://support.avaya.com/elmodocs2/security/ASA-2009-095.htm
http://www.securityfocus.com/bid/34081
http://www.securitytracker.com/id?1021840
http://www.vupen.com/english/advisories/2009/0673
http://www.vupen.com/english/advisories/2009/0766

CVSS

Base:	6.9
Impact:	10.0
Exploitability:	3.4

Pristup

Vektor	Složenost	Autentikacija
LOCAL	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:L/AC:M/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

02-04-2009 - 05:45

Objavljeno

12-03-2009 - 15:20