ID SOLARIS10_X86_148408.NASL Type nessus Reporter Tenable Modified 2018-07-30T00:00:00
Description
Vulnerability in the Solaris component of Oracle Sun Products Suite (subcomponent: Utility/Umount). Supported versions that are affected are 9 and 10. Difficult to exploit vulnerability requiring logon to Operating System plus additional login/authentication to component or subcomponent. Successful attack of this vulnerability can escalate attacker privileges resulting in unauthorized Operating System takeover including arbitrary code execution.
Vulnerability in the Solaris component of Oracle Sun Products Suite (subcomponent: Filesystem/cachefs). Supported versions that are affected are 9 and 10. Difficult to exploit vulnerability requiring logon to Operating System plus additional login/authentication to component or subcomponent. Successful attack of this vulnerability can escalate attacker privileges resulting in unauthorized Operating System takeover including arbitrary code execution.
This plugin has been deprecated and either replaced with individual 148408 patch-revision plugins, or deemed non-security related.
#
# (C) Tenable Network Security, Inc.
#
# @DEPRECATED@
#
# Disabled on 2018/03/12. Deprecated and either replaced by
# individual patch-revision plugins, or has been deemed a
# non-security advisory.
#
include("compat.inc");
if (description)
{
script_id(59236);
script_version("1.7");
script_cvs_date("Date: 2018/07/30 13:40:14");
script_cve_id("CVE-2013-0399", "CVE-2013-0400");
script_name(english:"Solaris 10 (x86) : 148408-01 (deprecated)");
script_summary(english:"Check for patch 148408-01");
script_set_attribute(
attribute:"synopsis",
value:"This plugin has been deprecated."
);
script_set_attribute(
attribute:"description",
value:
"Vulnerability in the Solaris component of Oracle Sun Products Suite
(subcomponent: Utility/Umount). Supported versions that are affected
are 9 and 10. Difficult to exploit vulnerability requiring logon to
Operating System plus additional login/authentication to component or
subcomponent. Successful attack of this vulnerability can escalate
attacker privileges resulting in unauthorized Operating System
takeover including arbitrary code execution.
Vulnerability in the Solaris component of Oracle Sun Products Suite
(subcomponent: Filesystem/cachefs). Supported versions that are
affected are 9 and 10. Difficult to exploit vulnerability requiring
logon to Operating System plus additional login/authentication to
component or subcomponent. Successful attack of this vulnerability can
escalate attacker privileges resulting in unauthorized Operating
System takeover including arbitrary code execution.
This plugin has been deprecated and either replaced with individual
148408 patch-revision plugins, or deemed non-security related."
);
script_set_attribute(
attribute:"see_also",
value:"https://getupdates.oracle.com/readme/148408-01"
);
script_set_attribute(
attribute:"solution",
value:"n/a"
);
script_set_cvss_base_vector("CVSS2#AV:L/AC:M/Au:S/C:C/I:C/A:C");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/o:sun:solaris");
script_set_attribute(attribute:"patch_publication_date", value:"2012/05/21");
script_set_attribute(attribute:"plugin_publication_date", value:"2012/05/23");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2012-2018 Tenable Network Security, Inc.");
script_family(english:"Solaris Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/Solaris/showrev");
exit(0);
}
exit(0, "This plugin has been deprecated. Consult specific patch-revision plugins for patch 148408 instead.");
{"id": "SOLARIS10_X86_148408.NASL", "bulletinFamily": "scanner", "title": "Solaris 10 (x86) : 148408-01 (deprecated)", "description": "Vulnerability in the Solaris component of Oracle Sun Products Suite (subcomponent: Utility/Umount). Supported versions that are affected are 9 and 10. Difficult to exploit vulnerability requiring logon to Operating System plus additional login/authentication to component or subcomponent. Successful attack of this vulnerability can escalate attacker privileges resulting in unauthorized Operating System takeover including arbitrary code execution.\n\nVulnerability in the Solaris component of Oracle Sun Products Suite (subcomponent: Filesystem/cachefs). Supported versions that are affected are 9 and 10. Difficult to exploit vulnerability requiring logon to Operating System plus additional login/authentication to component or subcomponent. Successful attack of this vulnerability can escalate attacker privileges resulting in unauthorized Operating System takeover including arbitrary code execution.\n\nThis plugin has been deprecated and either replaced with individual 148408 patch-revision plugins, or deemed non-security related.", "published": "2012-05-23T00:00:00", "modified": "2018-07-30T00:00:00", "cvss": {"score": 6.6, "vector": "AV:LOCAL/AC:MEDIUM/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=59236", "reporter": "Tenable", "references": ["https://getupdates.oracle.com/readme/148408-01"], "cvelist": ["CVE-2013-0399", "CVE-2013-0400"], "type": "nessus", "lastseen": "2019-02-21T01:16:43", "history": [{"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/o:sun:solaris"], "cvelist": ["CVE-2013-0399", "CVE-2013-0400"], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "Vulnerability in the Solaris component of Oracle Sun Products Suite (subcomponent: Utility/Umount). Supported versions that are affected are 9 and 10. Difficult to exploit vulnerability requiring logon to Operating System plus additional login/authentication to component or subcomponent. Successful attack of this vulnerability can escalate attacker privileges resulting in unauthorized Operating System takeover including arbitrary code execution.\n\nVulnerability in the Solaris component of Oracle Sun Products Suite (subcomponent: Filesystem/cachefs). Supported versions that are affected are 9 and 10. Difficult to exploit vulnerability requiring logon to Operating System plus additional login/authentication to component or subcomponent. Successful attack of this vulnerability can escalate attacker privileges resulting in unauthorized Operating System takeover including arbitrary code execution.\n\nThis plugin has been deprecated and either replaced with individual 148408 patch-revision plugins, or deemed non-security related.", "edition": 5, "enchantments": {"score": {"value": 7.2, "vector": "NONE"}}, "hash": "9d422266da3ebc90d58617d6210d104fa75f418354fab384194152e4847958c2", "hashmap": [{"hash": "4445f73a2243eb7513380f77fba0cc15", "key": "sourceData"}, {"hash": "be2073bfad5e624acf0f878f09eda795", "key": "naslFamily"}, {"hash": "84574c60b6a4db1f73471b763b80e7d1", "key": "references"}, {"hash": "3b33040e1ee70c0673ab567f99a67d3f", "key": "modified"}, {"hash": "f6be3177a487d13b510577f14a20cb8c", "key": "title"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "12350b788e3032906157e11b27b5d136", "key": "cpe"}, {"hash": "b0afed58ca28c89d79789627d1d19744", "key": "cvelist"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "f0c459e9d5cd9b8bbfad00feba84179d", "key": "href"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "9a59e11738fe21493d48d066bf93b88d", "key": "published"}, {"hash": "d29b3a9e4ddde86d383ddaf51b5e38e2", "key": "description"}, {"hash": "df48bbddb09380e01eafda99339f669f", "key": "pluginID"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=59236", "id": "SOLARIS10_X86_148408.NASL", "lastseen": "2018-08-30T19:40:17", "modified": "2018-07-30T00:00:00", "naslFamily": "Solaris Local Security Checks", "objectVersion": "1.3", "pluginID": "59236", "published": "2012-05-23T00:00:00", "references": ["https://getupdates.oracle.com/readme/148408-01"], "reporter": "Tenable", "sourceData": "\n#\n# (C) Tenable Network Security, Inc.\n#\n# @DEPRECATED@\n#\n# Disabled on 2018/03/12. Deprecated and either replaced by\n# individual patch-revision plugins, or has been deemed a\n# non-security advisory.\n#\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(59236);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2018/07/30 13:40:14\");\n\n script_cve_id(\"CVE-2013-0399\", \"CVE-2013-0400\");\n\n script_name(english:\"Solaris 10 (x86) : 148408-01 (deprecated)\");\n script_summary(english:\"Check for patch 148408-01\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"This plugin has been deprecated.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Vulnerability in the Solaris component of Oracle Sun Products Suite\n(subcomponent: Utility/Umount). Supported versions that are affected\nare 9 and 10. Difficult to exploit vulnerability requiring logon to\nOperating System plus additional login/authentication to component or\nsubcomponent. Successful attack of this vulnerability can escalate\nattacker privileges resulting in unauthorized Operating System\ntakeover including arbitrary code execution.\n\nVulnerability in the Solaris component of Oracle Sun Products Suite\n(subcomponent: Filesystem/cachefs). Supported versions that are\naffected are 9 and 10. Difficult to exploit vulnerability requiring\nlogon to Operating System plus additional login/authentication to\ncomponent or subcomponent. Successful attack of this vulnerability can\nescalate attacker privileges resulting in unauthorized Operating\nSystem takeover including arbitrary code execution.\n\nThis plugin has been deprecated and either replaced with individual\n148408 patch-revision plugins, or deemed non-security related.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://getupdates.oracle.com/readme/148408-01\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"n/a\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:S/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:sun:solaris\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/05/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/05/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Solaris Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Solaris/showrev\");\n\n exit(0);\n}\n\nexit(0, \"This plugin has been deprecated. Consult specific patch-revision plugins for patch 148408 instead.\");\n", "title": "Solaris 10 (x86) : 148408-01 (deprecated)", "type": "nessus", "viewCount": 0}, "differentElements": ["cvss"], "edition": 5, "lastseen": "2018-08-30T19:40:17"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/o:sun:solaris"], "cvelist": ["CVE-2013-0399", "CVE-2013-0400"], "cvss": {"score": 6.6, "vector": "AV:LOCAL/AC:MEDIUM/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "description": "Vulnerability in the Solaris component of Oracle Sun Products Suite (subcomponent: Utility/Umount). Supported versions that are affected are 9 and 10. Difficult to exploit vulnerability requiring logon to Operating System plus additional login/authentication to component or subcomponent. Successful attack of this vulnerability can escalate attacker privileges resulting in unauthorized Operating System takeover including arbitrary code execution.\n\nVulnerability in the Solaris component of Oracle Sun Products Suite (subcomponent: Filesystem/cachefs). Supported versions that are affected are 9 and 10. Difficult to exploit vulnerability requiring logon to Operating System plus additional login/authentication to component or subcomponent. Successful attack of this vulnerability can escalate attacker privileges resulting in unauthorized Operating System takeover including arbitrary code execution.\n\nThis plugin has been deprecated and either replaced with individual 148408 patch-revision plugins, or deemed non-security related.", "edition": 4, "enchantments": {"score": {"value": 7.2, "vector": "NONE"}}, "hash": "93dbf457811e3fa3eb566e2917dee7fdf6e2ec951a7a629dd59a901a9ecaa6d6", "hashmap": [{"hash": "44f553cf58779e12ffc62f30a9d8c32f", "key": "cvss"}, {"hash": "4445f73a2243eb7513380f77fba0cc15", "key": "sourceData"}, {"hash": "be2073bfad5e624acf0f878f09eda795", "key": "naslFamily"}, {"hash": "84574c60b6a4db1f73471b763b80e7d1", "key": "references"}, {"hash": "3b33040e1ee70c0673ab567f99a67d3f", "key": "modified"}, {"hash": "f6be3177a487d13b510577f14a20cb8c", "key": "title"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "12350b788e3032906157e11b27b5d136", "key": "cpe"}, {"hash": "b0afed58ca28c89d79789627d1d19744", "key": "cvelist"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "f0c459e9d5cd9b8bbfad00feba84179d", "key": "href"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "9a59e11738fe21493d48d066bf93b88d", "key": "published"}, {"hash": "d29b3a9e4ddde86d383ddaf51b5e38e2", "key": "description"}, {"hash": "df48bbddb09380e01eafda99339f669f", "key": "pluginID"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=59236", "id": "SOLARIS10_X86_148408.NASL", "lastseen": "2018-07-31T03:54:20", "modified": "2018-07-30T00:00:00", "naslFamily": "Solaris Local Security Checks", "objectVersion": "1.3", "pluginID": "59236", "published": "2012-05-23T00:00:00", "references": ["https://getupdates.oracle.com/readme/148408-01"], "reporter": "Tenable", "sourceData": "\n#\n# (C) Tenable Network Security, Inc.\n#\n# @DEPRECATED@\n#\n# Disabled on 2018/03/12. Deprecated and either replaced by\n# individual patch-revision plugins, or has been deemed a\n# non-security advisory.\n#\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(59236);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2018/07/30 13:40:14\");\n\n script_cve_id(\"CVE-2013-0399\", \"CVE-2013-0400\");\n\n script_name(english:\"Solaris 10 (x86) : 148408-01 (deprecated)\");\n script_summary(english:\"Check for patch 148408-01\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"This plugin has been deprecated.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Vulnerability in the Solaris component of Oracle Sun Products Suite\n(subcomponent: Utility/Umount). Supported versions that are affected\nare 9 and 10. Difficult to exploit vulnerability requiring logon to\nOperating System plus additional login/authentication to component or\nsubcomponent. Successful attack of this vulnerability can escalate\nattacker privileges resulting in unauthorized Operating System\ntakeover including arbitrary code execution.\n\nVulnerability in the Solaris component of Oracle Sun Products Suite\n(subcomponent: Filesystem/cachefs). Supported versions that are\naffected are 9 and 10. Difficult to exploit vulnerability requiring\nlogon to Operating System plus additional login/authentication to\ncomponent or subcomponent. Successful attack of this vulnerability can\nescalate attacker privileges resulting in unauthorized Operating\nSystem takeover including arbitrary code execution.\n\nThis plugin has been deprecated and either replaced with individual\n148408 patch-revision plugins, or deemed non-security related.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://getupdates.oracle.com/readme/148408-01\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"n/a\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:S/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:sun:solaris\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/05/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/05/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Solaris Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Solaris/showrev\");\n\n exit(0);\n}\n\nexit(0, \"This plugin has been deprecated. Consult specific patch-revision plugins for patch 148408 instead.\");\n", "title": "Solaris 10 (x86) : 148408-01 (deprecated)", "type": "nessus", "viewCount": 0}, "differentElements": ["cvss"], "edition": 4, "lastseen": "2018-07-31T03:54:20"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/o:sun:solaris"], "cvelist": ["CVE-2013-0399", "CVE-2013-0400"], "cvss": {"score": 6.6, "vector": "AV:LOCAL/AC:MEDIUM/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "description": "Vulnerability in the Solaris component of Oracle Sun Products Suite (subcomponent: Utility/Umount). Supported versions that are affected are 9 and 10. Difficult to exploit vulnerability requiring logon to Operating System plus additional login/authentication to component or subcomponent. Successful attack of this vulnerability can escalate attacker privileges resulting in unauthorized Operating System takeover including arbitrary code execution.\n\nVulnerability in the Solaris component of Oracle Sun Products Suite (subcomponent: Filesystem/cachefs). Supported versions that are affected are 9 and 10. Difficult to exploit vulnerability requiring logon to Operating System plus additional login/authentication to component or subcomponent. Successful attack of this vulnerability can escalate attacker privileges resulting in unauthorized Operating System takeover including arbitrary code execution.\n\nThis plugin has been deprecated and either replaced with individual 148408 patch-revision plugins, or deemed non-security related.", "edition": 6, "enchantments": {"score": {"value": 7.2, "vector": "NONE"}}, "hash": "93dbf457811e3fa3eb566e2917dee7fdf6e2ec951a7a629dd59a901a9ecaa6d6", "hashmap": [{"hash": "44f553cf58779e12ffc62f30a9d8c32f", "key": "cvss"}, {"hash": "4445f73a2243eb7513380f77fba0cc15", "key": "sourceData"}, {"hash": "be2073bfad5e624acf0f878f09eda795", "key": "naslFamily"}, {"hash": "84574c60b6a4db1f73471b763b80e7d1", "key": "references"}, {"hash": "3b33040e1ee70c0673ab567f99a67d3f", "key": "modified"}, {"hash": "f6be3177a487d13b510577f14a20cb8c", "key": "title"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "12350b788e3032906157e11b27b5d136", "key": "cpe"}, {"hash": "b0afed58ca28c89d79789627d1d19744", "key": "cvelist"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "f0c459e9d5cd9b8bbfad00feba84179d", "key": "href"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "9a59e11738fe21493d48d066bf93b88d", "key": "published"}, {"hash": "d29b3a9e4ddde86d383ddaf51b5e38e2", "key": "description"}, {"hash": "df48bbddb09380e01eafda99339f669f", "key": "pluginID"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=59236", "id": "SOLARIS10_X86_148408.NASL", "lastseen": "2018-09-01T23:46:36", "modified": "2018-07-30T00:00:00", "naslFamily": "Solaris Local Security Checks", "objectVersion": "1.3", "pluginID": "59236", "published": "2012-05-23T00:00:00", "references": ["https://getupdates.oracle.com/readme/148408-01"], "reporter": "Tenable", "sourceData": "\n#\n# (C) Tenable Network Security, Inc.\n#\n# @DEPRECATED@\n#\n# Disabled on 2018/03/12. Deprecated and either replaced by\n# individual patch-revision plugins, or has been deemed a\n# non-security advisory.\n#\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(59236);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2018/07/30 13:40:14\");\n\n script_cve_id(\"CVE-2013-0399\", \"CVE-2013-0400\");\n\n script_name(english:\"Solaris 10 (x86) : 148408-01 (deprecated)\");\n script_summary(english:\"Check for patch 148408-01\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"This plugin has been deprecated.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Vulnerability in the Solaris component of Oracle Sun Products Suite\n(subcomponent: Utility/Umount). Supported versions that are affected\nare 9 and 10. Difficult to exploit vulnerability requiring logon to\nOperating System plus additional login/authentication to component or\nsubcomponent. Successful attack of this vulnerability can escalate\nattacker privileges resulting in unauthorized Operating System\ntakeover including arbitrary code execution.\n\nVulnerability in the Solaris component of Oracle Sun Products Suite\n(subcomponent: Filesystem/cachefs). Supported versions that are\naffected are 9 and 10. Difficult to exploit vulnerability requiring\nlogon to Operating System plus additional login/authentication to\ncomponent or subcomponent. Successful attack of this vulnerability can\nescalate attacker privileges resulting in unauthorized Operating\nSystem takeover including arbitrary code execution.\n\nThis plugin has been deprecated and either replaced with individual\n148408 patch-revision plugins, or deemed non-security related.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://getupdates.oracle.com/readme/148408-01\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"n/a\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:S/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:sun:solaris\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/05/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/05/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Solaris Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Solaris/showrev\");\n\n exit(0);\n}\n\nexit(0, \"This plugin has been deprecated. Consult specific patch-revision plugins for patch 148408 instead.\");\n", "title": "Solaris 10 (x86) : 148408-01 (deprecated)", "type": "nessus", "viewCount": 0}, "differentElements": ["description"], "edition": 6, "lastseen": "2018-09-01T23:46:36"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/o:sun:solaris"], "cvelist": ["CVE-2013-0399", "CVE-2013-0400"], "cvss": {"score": 6.6, "vector": "AV:LOCAL/AC:MEDIUM/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "description": "Vulnerability in the Solaris component of Oracle Sun Products Suite (subcomponent: Utility/Umount). Supported versions that are affected are 9 and 10. Difficult to exploit vulnerability requiring logon to Operating System plus additional login/authentication to component or subcomponent. Successful attack of this vulnerability can escalate attacker privileges resulting in unauthorized Operating System takeover including arbitrary code execution.\n\nVulnerability in the Solaris component of Oracle Sun Products Suite (subcomponent: Filesystem/cachefs). Supported versions that are affected are 9 and 10. Difficult to exploit vulnerability requiring logon to Operating System plus additional login/authentication to component or subcomponent. Successful attack of this vulnerability can escalate attacker privileges resulting in unauthorized Operating System takeover including arbitrary code execution.\n\nThis plugin has been deprecated and either replaced with individual 148408 patch-revision plugins, or deemed non-security related.", "edition": 3, "enchantments": {"score": {"value": 7.2, "vector": "NONE"}}, "hash": "3a6870dc0333836756fd412f3c2f5fee9738092dd6efdcdb2a0571e67a5a61cd", "hashmap": [{"hash": "44f553cf58779e12ffc62f30a9d8c32f", "key": "cvss"}, {"hash": "be2073bfad5e624acf0f878f09eda795", "key": "naslFamily"}, {"hash": "84574c60b6a4db1f73471b763b80e7d1", "key": "references"}, {"hash": "f6be3177a487d13b510577f14a20cb8c", "key": "title"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "5850355f6181ab9617cc0d094e464031", "key": "modified"}, {"hash": "12350b788e3032906157e11b27b5d136", "key": "cpe"}, {"hash": "b0afed58ca28c89d79789627d1d19744", "key": "cvelist"}, {"hash": "ef50169e43b0dff308443853078368f0", "key": "sourceData"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "f0c459e9d5cd9b8bbfad00feba84179d", "key": "href"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "9a59e11738fe21493d48d066bf93b88d", "key": "published"}, {"hash": "d29b3a9e4ddde86d383ddaf51b5e38e2", "key": "description"}, {"hash": "df48bbddb09380e01eafda99339f669f", "key": "pluginID"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=59236", "id": "SOLARIS10_X86_148408.NASL", "lastseen": "2018-03-15T14:57:26", "modified": "2018-03-12T00:00:00", "naslFamily": "Solaris Local Security Checks", "objectVersion": "1.3", "pluginID": "59236", "published": "2012-05-23T00:00:00", "references": ["https://getupdates.oracle.com/readme/148408-01"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# @DEPRECATED@\n#\n# Disabled on 2018/03/12. Deprecated and either replaced by\n# individual patch-revision plugins, or has been deemed a\n# non-security advisory.\n#\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(59236);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2018/03/12 17:16:25\");\n\n script_cve_id(\"CVE-2013-0399\", \"CVE-2013-0400\");\n\n script_name(english:\"Solaris 10 (x86) : 148408-01 (deprecated)\");\n script_summary(english:\"Check for patch 148408-01\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"This plugin has been deprecated.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Vulnerability in the Solaris component of Oracle Sun Products Suite\n(subcomponent: Utility/Umount). Supported versions that are affected\nare 9 and 10. Difficult to exploit vulnerability requiring logon to\nOperating System plus additional login/authentication to component or\nsubcomponent. Successful attack of this vulnerability can escalate\nattacker privileges resulting in unauthorized Operating System\ntakeover including arbitrary code execution.\n\nVulnerability in the Solaris component of Oracle Sun Products Suite\n(subcomponent: Filesystem/cachefs). Supported versions that are\naffected are 9 and 10. Difficult to exploit vulnerability requiring\nlogon to Operating System plus additional login/authentication to\ncomponent or subcomponent. Successful attack of this vulnerability can\nescalate attacker privileges resulting in unauthorized Operating\nSystem takeover including arbitrary code execution.\n\nThis plugin has been deprecated and either replaced with individual\n148408 patch-revision plugins, or deemed non-security related.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://getupdates.oracle.com/readme/148408-01\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"n/a\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:S/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:sun:solaris\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/05/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/05/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Solaris Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Solaris/showrev\");\n\n exit(0);\n}\n\nexit(0, \"This plugin has been deprecated. Consult specific patch-revision plugins for patch 148408 instead.\");\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"solaris.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nif (solaris_check_patch(release:\"5.10_x86\", arch:\"i386\", patch:\"148408-01\", obsoleted_by:\"149172-02 \", package:\"SUNWcsu\", version:\"11.10.0,REV=2005.01.21.16.34\") < 0) flag++;\nif (solaris_check_patch(release:\"5.10_x86\", arch:\"i386\", patch:\"148408-01\", obsoleted_by:\"149172-02 \", package:\"SUNWcsr\", version:\"11.10.0,REV=2005.01.21.16.34\") < 0) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:solaris_get_report());\n else security_warning(0);\n exit(0);\n}\naudit(AUDIT_HOST_NOT, \"affected\");\n", "title": "Solaris 10 (x86) : 148408-01 (deprecated)", "type": "nessus", "viewCount": 0}, "differentElements": ["modified", "sourceData"], "edition": 3, "lastseen": "2018-03-15T14:57:26"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": [], "cvelist": ["CVE-2013-0399", "CVE-2013-0400"], "cvss": {"score": 6.6, "vector": "AV:LOCAL/AC:MEDIUM/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "description": "Vulnerability in the Solaris component of Oracle Sun Products Suite (subcomponent: Utility/Umount). Supported versions that are affected are 9 and 10. Difficult to exploit vulnerability requiring logon to Operating System plus additional login/authentication to component or subcomponent. Successful attack of this vulnerability can escalate attacker privileges resulting in unauthorized Operating System takeover including arbitrary code execution.\n\nVulnerability in the Solaris component of Oracle Sun Products Suite (subcomponent: Filesystem/cachefs). Supported versions that are affected are 9 and 10. Difficult to exploit vulnerability requiring logon to Operating System plus additional login/authentication to component or subcomponent. Successful attack of this vulnerability can escalate attacker privileges resulting in unauthorized Operating System takeover including arbitrary code execution.", "edition": 1, "enchantments": {}, "hash": "05bb136598fa21c734816fceed6022bd9ad460cd1fdedc9214ce93c1cfa6b799", "hashmap": [{"hash": "44f553cf58779e12ffc62f30a9d8c32f", "key": "cvss"}, {"hash": "be2073bfad5e624acf0f878f09eda795", "key": "naslFamily"}, {"hash": "84574c60b6a4db1f73471b763b80e7d1", "key": "references"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "b0afed58ca28c89d79789627d1d19744", "key": "cvelist"}, {"hash": "632db9015a661edaa0dcd96455a7f2ab", "key": "sourceData"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "f0c459e9d5cd9b8bbfad00feba84179d", "key": "href"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "e61e5c86df5afccd159a82d35e6c10ec", "key": "modified"}, {"hash": "9a59e11738fe21493d48d066bf93b88d", "key": "published"}, {"hash": "2f9a3a9bec3c805ebee2be70e7fee655", "key": "description"}, {"hash": "df48bbddb09380e01eafda99339f669f", "key": "pluginID"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe"}, {"hash": "3c3b0c49586deca3d2b5cc8dc65670a3", "key": "title"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=59236", "id": "SOLARIS10_X86_148408.NASL", "lastseen": "2016-09-26T17:24:36", "modified": "2015-06-01T00:00:00", "naslFamily": "Solaris Local Security Checks", "objectVersion": "1.2", "pluginID": "59236", "published": "2012-05-23T00:00:00", "references": ["https://getupdates.oracle.com/readme/148408-01"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text in this plugin was\n# extracted from the Oracle SunOS Patch Updates.\n#\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(59236);\n script_version(\"$Revision: 1.4 $\");\n script_cvs_date(\"$Date: 2015/06/01 14:14:14 $\");\n\n script_cve_id(\"CVE-2013-0399\", \"CVE-2013-0400\");\n\n script_name(english:\"Solaris 10 (x86) : 148408-01\");\n script_summary(english:\"Check for patch 148408-01\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote host is missing Sun Security Patch number 148408-01\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Vulnerability in the Solaris component of Oracle Sun Products Suite\n(subcomponent: Utility/Umount). Supported versions that are affected\nare 9 and 10. Difficult to exploit vulnerability requiring logon to\nOperating System plus additional login/authentication to component or\nsubcomponent. Successful attack of this vulnerability can escalate\nattacker privileges resulting in unauthorized Operating System\ntakeover including arbitrary code execution.\n\nVulnerability in the Solaris component of Oracle Sun Products Suite\n(subcomponent: Filesystem/cachefs). Supported versions that are\naffected are 9 and 10. Difficult to exploit vulnerability requiring\nlogon to Operating System plus additional login/authentication to\ncomponent or subcomponent. Successful attack of this vulnerability can\nescalate attacker privileges resulting in unauthorized Operating\nSystem takeover including arbitrary code execution.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://getupdates.oracle.com/readme/148408-01\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"You should install this patch for your system to be up-to-date.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:S/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:sun:solaris\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/05/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/05/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2015 Tenable Network Security, Inc.\");\n script_family(english:\"Solaris Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Solaris/showrev\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"solaris.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nif (solaris_check_patch(release:\"5.10_x86\", arch:\"i386\", patch:\"148408-01\", obsoleted_by:\"149172-02 \", package:\"SUNWcsu\", version:\"11.10.0,REV=2005.01.21.16.34\") < 0) flag++;\nif (solaris_check_patch(release:\"5.10_x86\", arch:\"i386\", patch:\"148408-01\", obsoleted_by:\"149172-02 \", package:\"SUNWcsr\", version:\"11.10.0,REV=2005.01.21.16.34\") < 0) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:solaris_get_report());\n else security_warning(0);\n exit(0);\n}\naudit(AUDIT_HOST_NOT, \"affected\");\n", "title": "Solaris 10 (x86) : 148408-01", "type": "nessus", "viewCount": 0}, "differentElements": ["cpe"], "edition": 1, "lastseen": "2016-09-26T17:24:36"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/o:sun:solaris"], "cvelist": ["CVE-2013-0399", "CVE-2013-0400"], "cvss": {"score": 6.6, "vector": "AV:LOCAL/AC:MEDIUM/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "description": "Vulnerability in the Solaris component of Oracle Sun Products Suite\n(subcomponent: Utility/Umount). Supported versions that are affected\nare 9 and 10. Difficult to exploit vulnerability requiring logon to\nOperating System plus additional login/authentication to component or\nsubcomponent. Successful attack of this vulnerability can escalate\nattacker privileges resulting in unauthorized Operating System\ntakeover including arbitrary code execution.\n\nVulnerability in the Solaris component of Oracle Sun Products Suite\n(subcomponent: Filesystem/cachefs). Supported versions that are\naffected are 9 and 10. Difficult to exploit vulnerability requiring\nlogon to Operating System plus additional login/authentication to\ncomponent or subcomponent. Successful attack of this vulnerability can\nescalate attacker privileges resulting in unauthorized Operating\nSystem takeover including arbitrary code execution.\n\nThis plugin has been deprecated and either replaced with individual\n148408 patch-revision plugins, or deemed non-security related.", "edition": 7, "enchantments": {"dependencies": {"modified": "2019-01-16T20:13:50", "references": [{"idList": ["SECURITYVULNS:VULN:12836"], "type": "securityvulns"}, {"idList": ["SOLARIS10_148407.NASL", "SOLARIS10_X86_148408-01.NASL", "SOLARIS10_148407-01.NASL"], "type": "nessus"}, {"idList": ["ORACLE:CPUJAN2013-1515902"], "type": "oracle"}, {"idList": ["CVE-2013-0399", "CVE-2013-0400"], "type": "cve"}]}, "score": {"value": 7.2, "vector": "NONE"}}, "hash": "838757d597da2c6c917e4c8eb3a2067bd748729e810c643aeae2397fe8dc0b6e", "hashmap": [{"hash": "4829e47aaea4a89bfa0f9328fbe188d3", "key": "description"}, {"hash": "44f553cf58779e12ffc62f30a9d8c32f", "key": "cvss"}, {"hash": "4445f73a2243eb7513380f77fba0cc15", "key": "sourceData"}, {"hash": "be2073bfad5e624acf0f878f09eda795", "key": "naslFamily"}, {"hash": "84574c60b6a4db1f73471b763b80e7d1", "key": "references"}, {"hash": "3b33040e1ee70c0673ab567f99a67d3f", "key": "modified"}, {"hash": "f6be3177a487d13b510577f14a20cb8c", "key": "title"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "12350b788e3032906157e11b27b5d136", "key": "cpe"}, {"hash": "b0afed58ca28c89d79789627d1d19744", "key": "cvelist"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "f0c459e9d5cd9b8bbfad00feba84179d", "key": "href"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "9a59e11738fe21493d48d066bf93b88d", "key": "published"}, {"hash": "df48bbddb09380e01eafda99339f669f", "key": "pluginID"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=59236", "id": "SOLARIS10_X86_148408.NASL", "lastseen": "2019-01-16T20:13:50", "modified": "2018-07-30T00:00:00", "naslFamily": "Solaris Local Security Checks", "objectVersion": "1.3", "pluginID": "59236", "published": "2012-05-23T00:00:00", "references": ["https://getupdates.oracle.com/readme/148408-01"], "reporter": "Tenable", "sourceData": "\n#\n# (C) Tenable Network Security, Inc.\n#\n# @DEPRECATED@\n#\n# Disabled on 2018/03/12. Deprecated and either replaced by\n# individual patch-revision plugins, or has been deemed a\n# non-security advisory.\n#\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(59236);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2018/07/30 13:40:14\");\n\n script_cve_id(\"CVE-2013-0399\", \"CVE-2013-0400\");\n\n script_name(english:\"Solaris 10 (x86) : 148408-01 (deprecated)\");\n script_summary(english:\"Check for patch 148408-01\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"This plugin has been deprecated.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Vulnerability in the Solaris component of Oracle Sun Products Suite\n(subcomponent: Utility/Umount). Supported versions that are affected\nare 9 and 10. Difficult to exploit vulnerability requiring logon to\nOperating System plus additional login/authentication to component or\nsubcomponent. Successful attack of this vulnerability can escalate\nattacker privileges resulting in unauthorized Operating System\ntakeover including arbitrary code execution.\n\nVulnerability in the Solaris component of Oracle Sun Products Suite\n(subcomponent: Filesystem/cachefs). Supported versions that are\naffected are 9 and 10. Difficult to exploit vulnerability requiring\nlogon to Operating System plus additional login/authentication to\ncomponent or subcomponent. Successful attack of this vulnerability can\nescalate attacker privileges resulting in unauthorized Operating\nSystem takeover including arbitrary code execution.\n\nThis plugin has been deprecated and either replaced with individual\n148408 patch-revision plugins, or deemed non-security related.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://getupdates.oracle.com/readme/148408-01\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"n/a\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:S/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:sun:solaris\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/05/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/05/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Solaris Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Solaris/showrev\");\n\n exit(0);\n}\n\nexit(0, \"This plugin has been deprecated. Consult specific patch-revision plugins for patch 148408 instead.\");\n", "title": "Solaris 10 (x86) : 148408-01 (deprecated)", "type": "nessus", "viewCount": 0}, "differentElements": ["description"], "edition": 7, "lastseen": "2019-01-16T20:13:50"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/o:sun:solaris"], "cvelist": ["CVE-2013-0399", "CVE-2013-0400"], "cvss": {"score": 6.6, "vector": "AV:LOCAL/AC:MEDIUM/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "description": "Vulnerability in the Solaris component of Oracle Sun Products Suite (subcomponent: Utility/Umount). Supported versions that are affected are 9 and 10. Difficult to exploit vulnerability requiring logon to Operating System plus additional login/authentication to component or subcomponent. Successful attack of this vulnerability can escalate attacker privileges resulting in unauthorized Operating System takeover including arbitrary code execution.\n\nVulnerability in the Solaris component of Oracle Sun Products Suite (subcomponent: Filesystem/cachefs). Supported versions that are affected are 9 and 10. Difficult to exploit vulnerability requiring logon to Operating System plus additional login/authentication to component or subcomponent. Successful attack of this vulnerability can escalate attacker privileges resulting in unauthorized Operating System takeover including arbitrary code execution.", "edition": 2, "enchantments": {"score": {"modified": "2017-10-29T13:38:09", "value": 6.6}}, "hash": "3a232f135c2c7b97d02824e166f1bcee3bb13b1bf263d407e4efc086754d4284", "hashmap": [{"hash": "44f553cf58779e12ffc62f30a9d8c32f", "key": "cvss"}, {"hash": "be2073bfad5e624acf0f878f09eda795", "key": "naslFamily"}, {"hash": "84574c60b6a4db1f73471b763b80e7d1", "key": "references"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "12350b788e3032906157e11b27b5d136", "key": "cpe"}, {"hash": "b0afed58ca28c89d79789627d1d19744", "key": "cvelist"}, {"hash": "632db9015a661edaa0dcd96455a7f2ab", "key": "sourceData"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "f0c459e9d5cd9b8bbfad00feba84179d", "key": "href"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "e61e5c86df5afccd159a82d35e6c10ec", "key": "modified"}, {"hash": "9a59e11738fe21493d48d066bf93b88d", "key": "published"}, {"hash": "2f9a3a9bec3c805ebee2be70e7fee655", "key": "description"}, {"hash": "df48bbddb09380e01eafda99339f669f", "key": "pluginID"}, {"hash": "3c3b0c49586deca3d2b5cc8dc65670a3", "key": "title"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=59236", "id": "SOLARIS10_X86_148408.NASL", "lastseen": "2017-10-29T13:38:09", "modified": "2015-06-01T00:00:00", "naslFamily": "Solaris Local Security Checks", "objectVersion": "1.3", "pluginID": "59236", "published": "2012-05-23T00:00:00", "references": ["https://getupdates.oracle.com/readme/148408-01"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text in this plugin was\n# extracted from the Oracle SunOS Patch Updates.\n#\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(59236);\n script_version(\"$Revision: 1.4 $\");\n script_cvs_date(\"$Date: 2015/06/01 14:14:14 $\");\n\n script_cve_id(\"CVE-2013-0399\", \"CVE-2013-0400\");\n\n script_name(english:\"Solaris 10 (x86) : 148408-01\");\n script_summary(english:\"Check for patch 148408-01\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote host is missing Sun Security Patch number 148408-01\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Vulnerability in the Solaris component of Oracle Sun Products Suite\n(subcomponent: Utility/Umount). Supported versions that are affected\nare 9 and 10. Difficult to exploit vulnerability requiring logon to\nOperating System plus additional login/authentication to component or\nsubcomponent. Successful attack of this vulnerability can escalate\nattacker privileges resulting in unauthorized Operating System\ntakeover including arbitrary code execution.\n\nVulnerability in the Solaris component of Oracle Sun Products Suite\n(subcomponent: Filesystem/cachefs). Supported versions that are\naffected are 9 and 10. Difficult to exploit vulnerability requiring\nlogon to Operating System plus additional login/authentication to\ncomponent or subcomponent. Successful attack of this vulnerability can\nescalate attacker privileges resulting in unauthorized Operating\nSystem takeover including arbitrary code execution.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://getupdates.oracle.com/readme/148408-01\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"You should install this patch for your system to be up-to-date.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:S/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:sun:solaris\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/05/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/05/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2015 Tenable Network Security, Inc.\");\n script_family(english:\"Solaris Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Solaris/showrev\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"solaris.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nif (solaris_check_patch(release:\"5.10_x86\", arch:\"i386\", patch:\"148408-01\", obsoleted_by:\"149172-02 \", package:\"SUNWcsu\", version:\"11.10.0,REV=2005.01.21.16.34\") < 0) flag++;\nif (solaris_check_patch(release:\"5.10_x86\", arch:\"i386\", patch:\"148408-01\", obsoleted_by:\"149172-02 \", package:\"SUNWcsr\", version:\"11.10.0,REV=2005.01.21.16.34\") < 0) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:solaris_get_report());\n else security_warning(0);\n exit(0);\n}\naudit(AUDIT_HOST_NOT, \"affected\");\n", "title": "Solaris 10 (x86) : 148408-01", "type": "nessus", "viewCount": 0}, "differentElements": ["description", "modified", "sourceData", "title"], "edition": 2, "lastseen": "2017-10-29T13:38:09"}], "edition": 8, "hashmap": [{"key": "bulletinFamily", "hash": "bbdaea376f500d25f6b0c1050311dd07"}, {"key": "cpe", "hash": "12350b788e3032906157e11b27b5d136"}, {"key": "cvelist", "hash": "b0afed58ca28c89d79789627d1d19744"}, {"key": "cvss", "hash": "44f553cf58779e12ffc62f30a9d8c32f"}, {"key": "description", "hash": "d29b3a9e4ddde86d383ddaf51b5e38e2"}, {"key": "href", "hash": "f0c459e9d5cd9b8bbfad00feba84179d"}, {"key": "modified", "hash": "3b33040e1ee70c0673ab567f99a67d3f"}, {"key": "naslFamily", "hash": "be2073bfad5e624acf0f878f09eda795"}, {"key": "pluginID", "hash": "df48bbddb09380e01eafda99339f669f"}, {"key": "published", "hash": "9a59e11738fe21493d48d066bf93b88d"}, {"key": "references", "hash": "84574c60b6a4db1f73471b763b80e7d1"}, {"key": "reporter", "hash": "9cf00d658b687f030ebe173a0528c567"}, {"key": "sourceData", "hash": "4445f73a2243eb7513380f77fba0cc15"}, {"key": "title", "hash": "f6be3177a487d13b510577f14a20cb8c"}, {"key": "type", "hash": "5e0bd03bec244039678f2b955a2595aa"}], "hash": "93dbf457811e3fa3eb566e2917dee7fdf6e2ec951a7a629dd59a901a9ecaa6d6", "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2013-0399", "CVE-2013-0400"]}, {"type": "nessus", "idList": ["SOLARIS10_148407-01.NASL", "SOLARIS10_X86_148408-01.NASL", "SOLARIS10_148407.NASL"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:12836"]}, {"type": "oracle", "idList": ["ORACLE:CPUJAN2013-1515902"]}], "modified": "2019-02-21T01:16:43"}, "score": {"value": 5.9, "vector": "NONE", "modified": "2019-02-21T01:16:43"}, "vulnersScore": 5.9}, "objectVersion": "1.3", "sourceData": "\n#\n# (C) Tenable Network Security, Inc.\n#\n# @DEPRECATED@\n#\n# Disabled on 2018/03/12. Deprecated and either replaced by\n# individual patch-revision plugins, or has been deemed a\n# non-security advisory.\n#\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(59236);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2018/07/30 13:40:14\");\n\n script_cve_id(\"CVE-2013-0399\", \"CVE-2013-0400\");\n\n script_name(english:\"Solaris 10 (x86) : 148408-01 (deprecated)\");\n script_summary(english:\"Check for patch 148408-01\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"This plugin has been deprecated.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Vulnerability in the Solaris component of Oracle Sun Products Suite\n(subcomponent: Utility/Umount). Supported versions that are affected\nare 9 and 10. Difficult to exploit vulnerability requiring logon to\nOperating System plus additional login/authentication to component or\nsubcomponent. Successful attack of this vulnerability can escalate\nattacker privileges resulting in unauthorized Operating System\ntakeover including arbitrary code execution.\n\nVulnerability in the Solaris component of Oracle Sun Products Suite\n(subcomponent: Filesystem/cachefs). Supported versions that are\naffected are 9 and 10. Difficult to exploit vulnerability requiring\nlogon to Operating System plus additional login/authentication to\ncomponent or subcomponent. Successful attack of this vulnerability can\nescalate attacker privileges resulting in unauthorized Operating\nSystem takeover including arbitrary code execution.\n\nThis plugin has been deprecated and either replaced with individual\n148408 patch-revision plugins, or deemed non-security related.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://getupdates.oracle.com/readme/148408-01\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"n/a\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:S/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:sun:solaris\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/05/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/05/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Solaris Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Solaris/showrev\");\n\n exit(0);\n}\n\nexit(0, \"This plugin has been deprecated. Consult specific patch-revision plugins for patch 148408 instead.\");\n", "naslFamily": "Solaris Local Security Checks", "pluginID": "59236", "cpe": ["cpe:/o:sun:solaris"], "scheme": null}
{"cve": [{"lastseen": "2019-05-29T18:12:59", "bulletinFamily": "NVD", "description": "Unspecified vulnerability in Oracle Sun Solaris 9 and 10 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Utility/Umount.", "modified": "2017-09-19T01:35:00", "id": "CVE-2013-0399", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0399", "published": "2013-01-17T01:55:00", "title": "CVE-2013-0399", "type": "cve", "cvss": {"score": 6.6, "vector": "AV:L/AC:M/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:12:59", "bulletinFamily": "NVD", "description": "Unspecified vulnerability in Oracle Sun Solaris 9 and 10 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Filesystem/cachefs.", "modified": "2017-09-19T01:35:00", "id": "CVE-2013-0400", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0400", "published": "2013-01-17T01:55:00", "title": "CVE-2013-0400", "type": "cve", "cvss": {"score": 6.6, "vector": "AV:L/AC:M/Au:S/C:C/I:C/A:C"}}], "nessus": [{"lastseen": "2019-02-21T01:16:44", "bulletinFamily": "scanner", "description": "Vulnerability in the Solaris component of Oracle Sun Products Suite (subcomponent: Utility/Umount). Supported versions that are affected are 9 and 10. Difficult to exploit vulnerability requiring logon to Operating System plus additional login/authentication to component or subcomponent. Successful attack of this vulnerability can escalate attacker privileges resulting in unauthorized Operating System takeover including arbitrary code execution.\n\nVulnerability in the Solaris component of Oracle Sun Products Suite (subcomponent: Filesystem/cachefs). Supported versions that are affected are 9 and 10. Difficult to exploit vulnerability requiring logon to Operating System plus additional login/authentication to component or subcomponent. Successful attack of this vulnerability can escalate attacker privileges resulting in unauthorized Operating System takeover including arbitrary code execution.\n\nThis plugin has been deprecated and either replaced with individual 148407 patch-revision plugins, or deemed non-security related.", "modified": "2018-07-30T00:00:00", "id": "SOLARIS10_148407.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=59287", "published": "2012-05-29T00:00:00", "title": "Solaris 10 (sparc) : 148407-01 (deprecated)", "type": "nessus", "sourceData": "\n#\n# (C) Tenable Network Security, Inc.\n#\n# @DEPRECATED@\n#\n# Disabled on 2018/03/12. Deprecated and either replaced by\n# individual patch-revision plugins, or has been deemed a\n# non-security advisory.\n#\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(59287);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2018/07/30 13:40:14\");\n\n script_cve_id(\"CVE-2013-0399\", \"CVE-2013-0400\");\n\n script_name(english:\"Solaris 10 (sparc) : 148407-01 (deprecated)\");\n script_summary(english:\"Check for patch 148407-01\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"This plugin has been deprecated.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Vulnerability in the Solaris component of Oracle Sun Products Suite\n(subcomponent: Utility/Umount). Supported versions that are affected\nare 9 and 10. Difficult to exploit vulnerability requiring logon to\nOperating System plus additional login/authentication to component or\nsubcomponent. Successful attack of this vulnerability can escalate\nattacker privileges resulting in unauthorized Operating System\ntakeover including arbitrary code execution.\n\nVulnerability in the Solaris component of Oracle Sun Products Suite\n(subcomponent: Filesystem/cachefs). Supported versions that are\naffected are 9 and 10. Difficult to exploit vulnerability requiring\nlogon to Operating System plus additional login/authentication to\ncomponent or subcomponent. Successful attack of this vulnerability can\nescalate attacker privileges resulting in unauthorized Operating\nSystem takeover including arbitrary code execution.\n\nThis plugin has been deprecated and either replaced with individual\n148407 patch-revision plugins, or deemed non-security related.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://getupdates.oracle.com/readme/148407-01\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"n/a\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:S/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:sun:solaris\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/05/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/05/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Solaris Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Solaris/showrev\");\n\n exit(0);\n}\n\nexit(0, \"This plugin has been deprecated. Consult specific patch-revision plugins for patch 148407 instead.\");\n", "cvss": {"score": 6.6, "vector": "AV:LOCAL/AC:MEDIUM/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-12-13T09:20:09", "bulletinFamily": "scanner", "description": "Vulnerability in the Solaris component of Oracle Sun Products Suite\n(subcomponent: Utility/Umount). Supported versions that are affected\nare 9 and 10. Difficult to exploit vulnerability requiring logon to\nOperating System plus additional login/authentication to component or\nsubcomponent. Successful attack of this vulnerability can escalate\nattacker privileges resulting in unauthorized Operating System\ntakeover including arbitrary code execution.\n\nVulnerability in the Solaris component of Oracle Sun Products Suite\n(subcomponent: Filesystem/cachefs). Supported versions that are\naffected are 9 and 10. Difficult to exploit vulnerability requiring\nlogon to Operating System plus additional login/authentication to\ncomponent or subcomponent. Successful attack of this vulnerability can\nescalate attacker privileges resulting in unauthorized Operating\nSystem takeover including arbitrary code execution.", "modified": "2019-12-02T00:00:00", "id": "SOLARIS10_X86_148408-01.NASL", "href": "https://www.tenable.com/plugins/nessus/108148", "published": "2018-03-12T00:00:00", "title": "Solaris 10 (x86) : 148408-01", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text in this plugin was\n# extracted from the Oracle SunOS Patch Updates.\n#\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(108148);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2018/10/29 10:22:58\");\n\n script_cve_id(\"CVE-2013-0399\", \"CVE-2013-0400\");\n\n script_name(english:\"Solaris 10 (x86) : 148408-01\");\n script_summary(english:\"Check for patch 148408-01\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote host is missing Sun Security Patch number 148408-01\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Vulnerability in the Solaris component of Oracle Sun Products Suite\n(subcomponent: Utility/Umount). Supported versions that are affected\nare 9 and 10. Difficult to exploit vulnerability requiring logon to\nOperating System plus additional login/authentication to component or\nsubcomponent. Successful attack of this vulnerability can escalate\nattacker privileges resulting in unauthorized Operating System\ntakeover including arbitrary code execution.\n\nVulnerability in the Solaris component of Oracle Sun Products Suite\n(subcomponent: Filesystem/cachefs). Supported versions that are\naffected are 9 and 10. Difficult to exploit vulnerability requiring\nlogon to Operating System plus additional login/authentication to\ncomponent or subcomponent. Successful attack of this vulnerability can\nescalate attacker privileges resulting in unauthorized Operating\nSystem takeover including arbitrary code execution.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://getupdates.oracle.com/readme/148408-01\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Install patch 148408-01\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:S/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:solaris:10:148408\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:solaris:10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/05/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/03/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Solaris Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Solaris/showrev\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"solaris.inc\");\n\nshowrev = get_kb_item(\"Host/Solaris/showrev\");\nif (empty_or_null(showrev)) audit(AUDIT_OS_NOT, \"Solaris\");\nos_ver = pregmatch(pattern:\"Release: (\\d+.(\\d+))\", string:showrev);\nif (empty_or_null(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Solaris\");\nfull_ver = os_ver[1];\nos_level = os_ver[2];\nif (full_ver != \"5.10\") audit(AUDIT_OS_NOT, \"Solaris 10\", \"Solaris \" + os_level);\npackage_arch = pregmatch(pattern:\"Application architecture: (\\w+)\", string:showrev);\nif (empty_or_null(package_arch)) audit(AUDIT_UNKNOWN_ARCH);\npackage_arch = package_arch[1];\nif (package_arch != \"i386\") audit(AUDIT_ARCH_NOT, \"i386\", package_arch);\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nif (solaris_check_patch(release:\"5.10_x86\", arch:\"i386\", patch:\"148408-01\", obsoleted_by:\"149172-02 \", package:\"SUNWcsr\", version:\"11.10.0,REV=2005.01.21.16.34\") < 0) flag++;\nif (solaris_check_patch(release:\"5.10_x86\", arch:\"i386\", patch:\"148408-01\", obsoleted_by:\"149172-02 \", package:\"SUNWcsu\", version:\"11.10.0,REV=2005.01.21.16.34\") < 0) flag++;\n\nif (flag) {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : solaris_get_report()\n );\n} else {\n patch_fix = solaris_patch_fix_get();\n if (!empty_or_null(patch_fix)) audit(AUDIT_PATCH_INSTALLED, patch_fix, \"Solaris 10\");\n tested = solaris_pkg_tests_get();\n if (!empty_or_null(tested)) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n audit(AUDIT_PACKAGE_NOT_INSTALLED, \"SUNWcsr / SUNWcsu\");\n}\n", "cvss": {"score": 6.6, "vector": "AV:L/AC:M/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2019-12-13T09:20:06", "bulletinFamily": "scanner", "description": "Vulnerability in the Solaris component of Oracle Sun Products Suite\n(subcomponent: Utility/Umount). Supported versions that are affected\nare 9 and 10. Difficult to exploit vulnerability requiring logon to\nOperating System plus additional login/authentication to component or\nsubcomponent. Successful attack of this vulnerability can escalate\nattacker privileges resulting in unauthorized Operating System\ntakeover including arbitrary code execution.\n\nVulnerability in the Solaris component of Oracle Sun Products Suite\n(subcomponent: Filesystem/cachefs). Supported versions that are\naffected are 9 and 10. Difficult to exploit vulnerability requiring\nlogon to Operating System plus additional login/authentication to\ncomponent or subcomponent. Successful attack of this vulnerability can\nescalate attacker privileges resulting in unauthorized Operating\nSystem takeover including arbitrary code execution.", "modified": "2019-12-02T00:00:00", "id": "SOLARIS10_148407-01.NASL", "href": "https://www.tenable.com/plugins/nessus/107655", "published": "2018-03-12T00:00:00", "title": "Solaris 10 (sparc) : 148407-01", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text in this plugin was\n# extracted from the Oracle SunOS Patch Updates.\n#\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(107655);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2018/10/26 10:53:23\");\n\n script_cve_id(\"CVE-2013-0399\", \"CVE-2013-0400\");\n\n script_name(english:\"Solaris 10 (sparc) : 148407-01\");\n script_summary(english:\"Check for patch 148407-01\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote host is missing Sun Security Patch number 148407-01\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Vulnerability in the Solaris component of Oracle Sun Products Suite\n(subcomponent: Utility/Umount). Supported versions that are affected\nare 9 and 10. Difficult to exploit vulnerability requiring logon to\nOperating System plus additional login/authentication to component or\nsubcomponent. Successful attack of this vulnerability can escalate\nattacker privileges resulting in unauthorized Operating System\ntakeover including arbitrary code execution.\n\nVulnerability in the Solaris component of Oracle Sun Products Suite\n(subcomponent: Filesystem/cachefs). Supported versions that are\naffected are 9 and 10. Difficult to exploit vulnerability requiring\nlogon to Operating System plus additional login/authentication to\ncomponent or subcomponent. Successful attack of this vulnerability can\nescalate attacker privileges resulting in unauthorized Operating\nSystem takeover including arbitrary code execution.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://getupdates.oracle.com/readme/148407-01\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Install patch 148407-01\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:S/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:solaris:10:148407\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:solaris:10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/05/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/03/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Solaris Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Solaris/showrev\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"solaris.inc\");\n\nshowrev = get_kb_item(\"Host/Solaris/showrev\");\nif (empty_or_null(showrev)) audit(AUDIT_OS_NOT, \"Solaris\");\nos_ver = pregmatch(pattern:\"Release: (\\d+.(\\d+))\", string:showrev);\nif (empty_or_null(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Solaris\");\nfull_ver = os_ver[1];\nos_level = os_ver[2];\nif (full_ver != \"5.10\") audit(AUDIT_OS_NOT, \"Solaris 10\", \"Solaris \" + os_level);\npackage_arch = pregmatch(pattern:\"Application architecture: (\\w+)\", string:showrev);\nif (empty_or_null(package_arch)) audit(AUDIT_UNKNOWN_ARCH);\npackage_arch = package_arch[1];\nif (package_arch != \"sparc\") audit(AUDIT_ARCH_NOT, \"sparc\", package_arch);\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nif (solaris_check_patch(release:\"5.10\", arch:\"sparc\", patch:\"148407-01\", obsoleted_by:\"149171-02 \", package:\"SUNWcsr\", version:\"11.10.0,REV=2005.01.21.15.53\") < 0) flag++;\nif (solaris_check_patch(release:\"5.10\", arch:\"sparc\", patch:\"148407-01\", obsoleted_by:\"149171-02 \", package:\"SUNWcsu\", version:\"11.10.0,REV=2005.01.21.15.53\") < 0) flag++;\n\nif (flag) {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : solaris_get_report()\n );\n} else {\n patch_fix = solaris_patch_fix_get();\n if (!empty_or_null(patch_fix)) audit(AUDIT_PATCH_INSTALLED, patch_fix, \"Solaris 10\");\n tested = solaris_pkg_tests_get();\n if (!empty_or_null(tested)) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n audit(AUDIT_PACKAGE_NOT_INSTALLED, \"SUNWcsr / SUNWcsu\");\n}\n", "cvss": {"score": 6.6, "vector": "AV:L/AC:M/Au:S/C:C/I:C/A:C"}}], "securityvulns": [{"lastseen": "2018-08-31T11:09:50", "bulletinFamily": "software", "description": "Over 85 of different vulnerabilites are fixed in CPU.", "modified": "2013-02-24T00:00:00", "published": "2013-02-24T00:00:00", "id": "SECURITYVULNS:VULN:12836", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:12836", "title": " Oracle / Sun / People Soft / MySQL applications multiple security vulnerabilities", "type": "securityvulns", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "oracle": [{"lastseen": "2019-05-29T18:21:11", "bulletinFamily": "software", "description": "A Critical Patch Update (CPU) is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update advisories should be reviewed for information regarding earlier published security fixes. Please refer to:\n\n[Critical Patch Updates and Security Alerts](<http://www.oracle.com/technetwork/topics/security/alerts-086861.html>) for information about Oracle Security Advisories.\n\n**Due to the threat posed by a successful attack, Oracle strongly recommends that customers apply CPU fixes as soon as possible.** This Critical Patch Update contains 86 new security fixes across the product families listed below.\n\nThis Critical Patch Update advisory is also available in an XML format that conforms to the Common Vulnerability Reporting Format (CVRF) version 1.1. More information about Oracle's use of CVRF is available at: <http://www.oracle.com/technetwork/topics/security/cpufaq-098434.html#CVRF>.\n", "modified": "2013-05-13T00:00:00", "published": "2013-01-15T00:00:00", "id": "ORACLE:CPUJAN2013-1515902", "href": "", "title": "Oracle Critical Patch Update - January 2013", "type": "oracle", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}]}
