Lucene search

[email protected]CVE-2008-1369

HistoryMar 18, 2008 - 5:44 p.m.

CVE-2008-1369

2008-03-1817:44:00

CWE-264

[email protected]

web.nvd.nist.gov

cve-2008-1369

sun solaris

sparc

enterprise t5120

enterprise t5220

ssh

privilege escalation

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

6.9 Medium

AI Score

Confidence

Low

0.011 Low

EPSS

Percentile

84.7%

JSON

A certain incorrect Sun Solaris 10 image on SPARC Enterprise T5120 and T5220 servers has /etc/default/login and /etc/ssh/sshd_config files that configure root logins in a manner unintended by the vendor, which allows remote attackers to gain privileges via unspecified vectors.

Affected configurations

NVD

Node

sunsunosMatch5.10

AND

sunsparc_enterprise_serverMatcht5120

sunsparc_enterprise_serverMatcht5220

CPENameOperatorVersion
sun:sunossun sunoseq5.10

CPE	Name	Operator	Version
sun:sunos	sun sunos	eq	5.10

References

secunia.com/advisories/29529

sunsolve.sun.com/search/document.do?assetkey=1-66-231244-1

www.securityfocus.com/bid/28469

www.securitytracker.com/id?1019708

www.vupen.com/english/advisories/2008/0810/references

exchange.xforce.ibmcloud.com/vulnerabilities/41332

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

6.9 Medium

AI Score

Confidence

Low

0.011 Low

EPSS

Percentile

84.7%

JSON

Related for CVE-2008-1369

nvd1 cvelist1 nessus1 prion1