Oval Definition:oval:org.mitre.oval:def:5671
Revision Date:2010-01-11Version:2
Title:Linux Kernel SBNI WAN Driver Privilege Check Bugs May Let Local Users Gain Elevated Privileges
Description:The sbni_ioctl function in drivers/net/wan/sbni.c in the wan subsystem in the Linux kernel 2.6.26.3 does not check for the CAP_NET_ADMIN capability before processing a (1) SIOCDEVRESINSTATS, (2) SIOCDEVSHWSTATE, (3) SIOCDEVENSLAVE, or (4) SIOCDEVEMANSIPATE ioctl request, which allows local users to bypass intended capability restrictions.
Family:unixClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2008-3525
Platform(s):VMWare ESX Server 3.5
Product(s):
Definition Synopsis
  • AND
  • VMware ESX Server 3.5.0 is installed
  • AND Patch ESX350-200910401-SG is not installed
    • BACK