Solaris 9 (sparc) : 147416-02

2013-12-2800:00:00

www.tenable.com

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

EPSS

0.002

Percentile

54.9%

JSON

Vulnerability in the Sun Storage Common Array Manager (CAM) component of Oracle Sun Products Suite (subcomponent: Fault Management System (FMS)). The supported version that is affected is 6.9.0. Easily exploitable vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized read access to a subset of Sun Storage Common Array Manager (CAM) accessible data.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text in this plugin was
# extracted from the Oracle SunOS Patch Updates.
#
include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(71745);
  script_version("1.3");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/14");

  script_cve_id("CVE-2013-0417");

  script_name(english:"Solaris 9 (sparc) : 147416-02");
  script_summary(english:"Check for patch 147416-02");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote host is missing Sun Security Patch number 147416-02"
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Vulnerability in the Sun Storage Common Array Manager (CAM) component
of Oracle Sun Products Suite (subcomponent: Fault Management System
(FMS)). The supported version that is affected is 6.9.0. Easily
exploitable vulnerability allows successful unauthenticated network
attacks via multiple protocols. Successful attack of this
vulnerability can result in unauthorized read access to a subset of
Sun Storage Common Array Manager (CAM) accessible data."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://getupdates.oracle.com/readme/147416-02"
  );
  script_set_attribute(
    attribute:"solution", 
    value:"You should install this patch for your system to be up-to-date."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:sun:solaris");

  script_set_attribute(attribute:"patch_publication_date", value:"2012/12/03");
  script_set_attribute(attribute:"plugin_publication_date", value:"2013/12/28");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.");
  script_family(english:"Solaris Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/Solaris/showrev");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("solaris.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);

if (solaris_check_patch(release:"5.9", arch:"sparc", patch:"147416-02", obsoleted_by:"", package:"SUNWsefms", version:"6.9.0,REV=2011.11.13.21.31.38") < 0) flag++;
if (solaris_check_patch(release:"5.9", arch:"sparc", patch:"147416-02", obsoleted_by:"", package:"SUNWstkcamcd", version:"6.9.0,REV=2011.11.13.21.32.51") < 0) flag++;
if (solaris_check_patch(release:"5.9", arch:"sparc", patch:"147416-02", obsoleted_by:"", package:"SUNWsesscs", version:"6.9.0,REV=2011.11.13.21.32.51") < 0) flag++;
if (solaris_check_patch(release:"5.9", arch:"sparc", patch:"147416-02", obsoleted_by:"", package:"SUNWstkraidsa", version:"6.9.0,REV=2011.11.13.21.31.44") < 0) flag++;
if (solaris_check_patch(release:"5.9", arch:"sparc", patch:"147416-02", obsoleted_by:"", package:"SUNWse6130ui", version:"6.9.0,REV=2011.11.13.21.32.51") < 0) flag++;

if (flag)
{
  if (report_verbosity > 0) security_warning(port:0, extra:solaris_get_report());
  else security_warning(0);
  exit(0);
}
audit(AUDIT_HOST_NOT, "affected");