Revision Date: | 2009-02-16 | Version: | 16 |
Title: | Security Vulnerability in Solaris IP Tunnel Parameter Processing May Lead to a System Panic or Possible Execution of Arbitrary Code by Unprivileged Users |
Description: | tun in IP Tunnel in Solaris 10 and OpenSolaris snv_01 through snv_76 allows local users to cause a denial of service (panic) and possibly execute arbitrary code via a crafted SIOCGTUNPARAM IOCTL request, which triggers a NULL pointer dereference. |
Family: | unix | Class: | vulnerability |
Status: | ACCEPTED | Reference(s): | CVE-2008-5689
|
Platform(s): | Sun Solaris 10
| Product(s): | |
Definition Synopsis |
Solaris 10 (SPARC) meets Sun Alert 242266 Solaris 10 (SPARC) is installed
AND NOT Patch 138888-01 or later installed
OR Solaris 10 (x86) meets Sun Alert 242266
Solaris 10 (x86) is installed
AND NOT Patch 138889-01 or later installed
|