Lucene search

[email protected]CVE-2008-3870

HistoryMay 26, 2009 - 9:30 p.m.

CVE-2008-3870

2009-05-2621:30:00

CWE-189

[email protected]

web.nvd.nist.gov

cve-2008-3870

integer overflow

sadmind

sun solaris

remote code execution

rpc request

heap-based buffer overflow

memory allocation

7.7 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.867 High

EPSS

Percentile

98.6%

JSON

Integer overflow in sadmind in Sun Solaris 8 and 9 allows remote attackers to execute arbitrary code via a crafted RPC request that triggers a heap-based buffer overflow, related to improper memory allocation.

CPENameOperatorVersion
sun:solarissun solariseq8.0
sun:solarissun solariseq9.0

CPE	Name	Operator	Version
sun:solaris	sun solaris	eq	8.0
sun:solaris	sun solaris	eq	9.0

References

secunia.com/advisories/32473

secunia.com/advisories/35191

secunia.com/secunia_research/2008-47/

sunsolve.sun.com/search/document.do?assetkey=1-21-116455-02-1

sunsolve.sun.com/search/document.do?assetkey=1-66-259468-1

support.avaya.com/elmodocs2/security/ASA-2009-195.htm

www.osvdb.org/54668

www.securityfocus.com/archive/1/503772/100/0/threaded

www.securityfocus.com/bid/35083

www.securitytracker.com/id?1022275

www.vupen.com/english/advisories/2009/1409

exchange.xforce.ibmcloud.com/vulnerabilities/50706

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6092

7.7 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.867 High

EPSS

Percentile

98.6%

JSON

Related for CVE-2008-3870

cvelist1 prion1 securityvulns2 checkpoint_advisories1 openvas8 seebug1 cve1 nessus1