Lucene search

[email protected]NVD:CVE-2004-2686

HistoryDec 31, 2004 - 5:00 a.m.

CVE-2004-2686

2004-12-3105:00:00

CWE-22

[email protected]

web.nvd.nist.gov

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

6.1 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

25.7%

JSON

Directory traversal vulnerability in the vfs_getvfssw function in Solaris 2.6, 7, 8, and 9 allows local users to load arbitrary kernel modules via crafted (1) mount or (2) sysfs system calls. NOTE: this might be the same issue as CVE-2004-1767, but there are insufficient details to be sure.

Affected configurations

NVD

Node

sunsolarisMatch2.6

sunsolarisMatch7.0x86

sunsolarisMatch8.0x86

sunsolarisMatch9.0x86

sunsunosMatch-

sunsunosMatch5.7

sunsunosMatch5.8

sunsunosMatch5.9

References

seclists.org/bugtraq/2004/Apr/0081.html

securitytracker.com/id?1008833

www.derkeiler.com/Mailing-Lists/Full-Disclosure/2004-04/0297.html

www.immunitysec.com/downloads/solaris_kernel_vfs.sxw.pdf

www.securityfocus.com/bid/9962

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1381

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

6.1 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

25.7%

JSON

Related for NVD:CVE-2004-2686

cve2 cvelist2 saint4 nvd1