Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2014-2021 Tenable Network Security, Inc.SOLARIS9_X86_149074.NASL
HistoryApr 17, 2014 - 12:00 a.m.

Solaris 9 (x86) : 149074-01

2014-04-1700:00:00
This script is Copyright (C) 2014-2021 Tenable Network Security, Inc.
www.tenable.com
7

4.6 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

25.3%

JSON

Vulnerability in the Solaris component of Oracle and Sun Systems Products Suite (subcomponent: Print Filter Utility). Supported versions that are affected are 9, 10 and 11.1. Easily exploitable vulnerability requiring logon to Operating System. Successful attack of this vulnerability can result in unauthorized update, insert or delete access to some Solaris accessible data as well as read access to a subset of Solaris accessible data and ability to cause a partial denial of service (partial DOS) of Solaris.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text in this plugin was
# extracted from the Oracle SunOS Patch Updates.
#
include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(73594);
  script_version("1.6");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/14");

  script_cve_id("CVE-2014-0442");
  script_bugtraq_id(66837);

  script_name(english:"Solaris 9 (x86) : 149074-01");
  script_summary(english:"Check for patch 149074-01");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote host is missing Sun Security Patch number 149074-01"
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Vulnerability in the Solaris component of Oracle and Sun Systems
Products Suite (subcomponent: Print Filter Utility). Supported
versions that are affected are 9, 10 and 11.1. Easily exploitable
vulnerability requiring logon to Operating System. Successful attack
of this vulnerability can result in unauthorized update, insert or
delete access to some Solaris accessible data as well as read access
to a subset of Solaris accessible data and ability to cause a partial
denial of service (partial DOS) of Solaris."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://getupdates.oracle.com/readme/149074-01"
  );
  script_set_attribute(
    attribute:"solution", 
    value:"You should install this patch for your system to be up-to-date."
  );
  script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:sun:solaris");

  script_set_attribute(attribute:"patch_publication_date", value:"2014/03/10");
  script_set_attribute(attribute:"plugin_publication_date", value:"2014/04/17");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2014-2021 Tenable Network Security, Inc.");
  script_family(english:"Solaris Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/Solaris/showrev");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("solaris.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);

if (solaris_check_patch(release:"5.9_x86", arch:"i386", patch:"149074-01", obsoleted_by:"", package:"SUNWpsutilsS", version:"11.9.0,REV=2004.04.26.13.09") < 0) flag++;
if (solaris_check_patch(release:"5.9_x86", arch:"i386", patch:"149074-01", obsoleted_by:"", package:"SUNWpsutils", version:"11.9.0,REV=2004.04.26.13.09") < 0) flag++;

if (flag)
{
  if (report_verbosity > 0) security_warning(port:0, extra:solaris_get_report());
  else security_warning(0);
  exit(0);
}
audit(AUDIT_HOST_NOT, "affected");
VendorProductVersionCPE
sunsolariscpe:/o:sun:solaris

Related

nessus 6
cve 1
cvelist 1
nvd 1
prion 1
securityvulns 1
oracle 1
nessus
nessus
Solaris 10 (sparc) : 149075-01
2018-03-12 00:00:00
Solaris 10 (sparc) : 149075-01 (deprecated)
2014-03-17 00:00:00
Solaris 10 (x86) : 149076-01
2018-03-12 00:00:00
cve
cve
CVE-2014-0442
2014-04-16 00:55:23
cvelist
cvelist
CVE-2014-0442
2014-04-15 22:00:00
nvd
nvd
CVE-2014-0442
2014-04-16 00:55:23
prion
prion
Design/Logic Flaw
2014-04-16 00:55:00
securityvulns
securityvulns
Oracle / Sun / MySQL / PeopleSoft / OpenJDK applications multiple security vulnerabilities
2014-05-02 00:00:00
oracle
oracle
Oracle Critical Patch Update - April 2014
2014-04-15 00:00:00

4.6 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

25.3%

JSON
Related for SOLARIS9_X86_149074.NASL
nessus6cve1cvelist1nvd1prion1securityvulns1oracle1